CVE-2019-7851

A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*
cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*
cpe:2.3:a:magento:magento:*:*:*:*:open_source:*:*:*

History

21 Nov 2024, 04:48

Type Values Removed Values Added
References () https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 - Vendor Advisory () https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 - Vendor Advisory

Information

Published : 2019-08-02 22:15

Updated : 2024-11-21 04:48


NVD link : CVE-2019-7851

Mitre link : CVE-2019-7851

CVE.ORG link : CVE-2019-7851


JSON object : View

Products Affected

magento

  • magento
CWE
CWE-352

Cross-Site Request Forgery (CSRF)