Insecure Direct Object Reference (IDOR) Vulnerability in Magento Product Module
CVE-2021-21022 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources.
Learn more about our Web Application Penetration Testing UK.