SQL Injection Vulnerability in Spryker Commerce OS 0.9: Unauthorized Access to Sensitive Data via Customer/Order Search
CVE-2023-27568 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]=
Learn more about our Web Application Penetration Testing UK.