Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2021-02-11T19:29:31.371671Z

Updated: 2024-09-16T17:57:55.462Z

Reserved: 2020-12-18T00:00:00

Link: CVE-2021-21022

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-02-11T20:15:14.327

Modified: 2023-11-07T03:29:17.273

Link: CVE-2021-21022

cve-icon Redhat

No data.