Skip to content

Improper access control on product page with combinations, attachments and specific prices

Moderate
PierreRambaud published GHSA-cvjj-grfv-f56w Apr 20, 2020

Package

No package listed

Affected versions

> 1.7.0.0

Patched versions

1.7.6.5

Description

Impact

Improper access control on product page with combinations, attachments and specific prices.

Patches

The problem is fixed in 1.7.6.5

References

Improper Access Control - Generic (CWE-284)
Introduce by these commit:
05e89ca
7958852
41cb141

Severity

Moderate

CVE ID

CVE-2020-5293

Weaknesses

No CWEs