Description
A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could be abused by an unauthenticated user to discover an invariant used in gift card generation.
Remediation
References
Related Vulnerabilities
Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2002-0493)
WordPress Plugin Twenty20 Image Before-After Cross-Site Scripting (1.5.9)
WordPress Plugin All Category SEO Updater Cross-Site Scripting (0.2.7)
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959)