A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of the store design schedule.
References
Link | Resource |
---|---|
https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 | Vendor Advisory |
https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:48
Type | Values Removed | Values Added |
---|---|---|
References | () https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 - Vendor Advisory |
Information
Published : 2019-08-02 22:15
Updated : 2024-11-21 04:48
NVD link : CVE-2019-7873
Mitre link : CVE-2019-7873
CVE.ORG link : CVE-2019-7873
JSON object : View
Products Affected
magento
- magento
CWE
CWE-352
Cross-Site Request Forgery (CSRF)