Description

A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.

Remediation

References

CVE-2019-7855

Related Vulnerabilities

Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)

WordPress Plugin Twenty20 Image Before-After Cross-Site Scripting (1.5.9)

WordPress Plugin All Category SEO Updater Cross-Site Scripting (0.2.7)

Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959)

Severity

Medium

Classification

CVE-2019-7855 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities