CVE

CVE-2020-12101

CVE-2020-12101

The address-management feature in xt:Commerce 5.1 to 6.2.2 allows remote authenticated users to zero out other user’s stored addresses by manipulating an id field in the POST request for altering an address.

Source: CVE-2020-12101

Exit mobile version