Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Magento Improper Access Control Vulnerability - CVE-2021-21020 - Vulnerability Database
Magento

Magento Improper Access Control Vulnerability - CVE-2021-21020

Medium
Reference: CVE-2021-21020
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-21020
Title: Magento Improper Access Control Vulnerability
Overview:

Magento versions 2.4.1 (and earlier) 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources.