Description
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.
Remediation
References
Related Vulnerabilities
IBM RTC CVE-2020-4964 Vulnerability (CVE-2020-4964)
WebLogic CVE-2024-21260 Vulnerability (CVE-2024-21260)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3385)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7568)
WordPress Plugin aoringo CAT setter Cross-Site Scripting (0.1.1)