OroCommerce package with customer portal and non authenticated visitor website base features. Back-office users can access information about Customer and Customer User menus, bypassing ACL security restrictions due to insufficient security checks. This issue has been patched in version 5.0.11 and 5.1.1.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-11-28T03:34:17.414Z
Updated: 2024-08-02T15:03:28.950Z
Reserved: 2023-05-01T16:47:35.314Z
Link: CVE-2023-32064

No data.

Status : Modified
Published: 2023-11-28T04:15:07.360
Modified: 2024-11-21T08:02:38.470
Link: CVE-2023-32064

No data.