Information Disclosure Vulnerability in Fastly CDN Module for Magento2

Information Disclosure Vulnerability in Fastly CDN Module for Magento2

CVE-2017-13761 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.

Learn more about our User Device Pen Test.