Description
An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another administrator via a crafted http request.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2002-1631)
PostgreSQL Resource Management Errors Vulnerability (CVE-2012-2655)
WordPress Plugin NOSpamPTI SQL Injection (2.1)
WordPress Plugin Rekt Slideshow TimThumb Arbitrary File Upload (1.0.5)
RubyGems Improper Input Validation Vulnerability (CVE-2017-0900)