CVE-2020-24405
Incorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions issue vulnerability in the Inventory module. This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected products
Adobe · Magento CommerceWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →