CVE-2019-8112
CVE-2019-8112
A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can bypass the email confirmation mechanism via GET request that captures relevant account data obtained from the POST response related to new user creation.
Affected products
Adobe Systems Incorporated · Magento 2Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →