Improper Input Validation Vulnerability in Magento Commerce Allows Price Manipulation during Checkout
CVE-2021-36030 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter the price of items.
Learn more about our Web Application Penetration Testing UK.