pkg:Bitnami/magento

96 total CVEsCRITICAL28HIGH19MEDIUM41LOW8

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2024-34102⚠ KEVMagento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • CRITICAL9.8CVE-2022-24086⚠ KEVMagento improper input validation vulnerability
    from 0, < 2.3.0 | >= 2.3.3, <= 2.3.6, >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.4.0, <= 2.4.2, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3, <= 2.4.3
  • CRITICAL9.8CVE-2020-9632Magento security mitigation bypass vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9630Magento business logic error vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9631Magento security mitigation bypass vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9585Magento Defense-in-depth security mitigation vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9583Magento command injection vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9582Magento command injection vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9579Magento Security mitigation bypass vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9576Magento command injection vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9580Magento Security mitigation bypass vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-9578Magento command injection vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • CRITICAL9.8CVE-2020-3718Magento security bypass vulnerability
    >= 2.2.0, < 2.2.11, >= 2.3.0, < 2.3.4
  • CRITICAL9.8CVE-2020-3716Magento deserialization vulnerability
    >= 2.2.0, < 2.2.11, >= 2.3.0, < 2.3.4
  • CRITICAL9.6CVE-2020-9691Magento DOM-based Cross-site scripting vulnerability
    from 0, < 2.3.5
  • CRITICAL9.1CVE-2024-34108Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that cou…
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • CRITICAL9.1CVE-2021-36023Magento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code Execution
    from 0, < 2.3.7, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2021-36036Magento Commerce Media Gallery Upload Improper Access Control Could Lead To Remote Code Execution
    from 0, < 2.3.7, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2021-36021Magento Commerce CMS Page Improper Input Validation Could Lead To Remote Code Execution
    from 0, < 2.3.7, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2022-34253Magento XML Injection vulnerability in the Widgets Module
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • CRITICAL9.1CVE-2021-21024Magento Commerce Blind SQL Injection Could Lead To Unauthorized Access
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • CRITICAL9.1CVE-2021-21019Magento Commerce XML Injection Could Lead To Remote Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2021-21014Magento Commerce Arbitrary Folder Empty Could Lead To Arbitrary Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2021-21018Magnto Commerce Unauthorized Data Modification Could Lead To Arbitrary Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2021-21025Magento Commerce XML Injection Could Lead To Arbitrary Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • CRITICAL9.1CVE-2021-21016Magento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.2
  • CRITICAL9.1CVE-2020-24407Arbitrary code execution via file import functionality
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • CRITICAL9.0CVE-2024-20758Magento Open Source allows Improper Input Validation
    >= 2.4.7-alpha0, < 2.4.7, >= 2.4.6-alpha0, < 2.4.6-p5, >= 2.4.5-alpha0, < 2.4.5-p7, >= 2.4.4-alpha0, < 2.4.4-p8
  • HIGH8.8CVE-2024-45148Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that c…
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • HIGH8.8CVE-2022-42344[CVE-2021-36032] Magento IDOR Leads to Account Takeover
    from 0, < 2.3.7, >= 2.4.0, < 2.4.5
  • HIGH8.8CVE-2022-34255Magento Improper Access Control vulnerability
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • HIGH8.5CVE-2022-34254Magento Path Traversal vulnerability
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • HIGH8.2CVE-2024-34104Magento Open Source Improper Authorization vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • HIGH8.1CVE-2024-34103Magento Open Source Improper Authentication vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • HIGH8.1CVE-2024-20759Magento Open Source allows Cross-Site Scripting (XSS)
    >= 2.4.7-alpha0, < 2.4.7, >= 2.4.6-alpha0, < 2.4.6-p5, >= 2.4.5-alpha0, < 2.4.5-p7, >= 2.4.4-alpha0, < 2.4.4-p8
  • HIGH8.1CVE-2021-21030Magento Commerce Stored Cross-site Scripting Could Lead To Arbitrary Javascript Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • HIGH8.0CVE-2021-21015Magento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.2
  • HIGH8.0CVE-2020-15151Observable Timing Discrepancy in OpenMage LTS
    from 0, < 2.3.6
  • HIGH7.5CVE-2022-34256Magento Improper Authorization vulnerability
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • HIGH7.5CVE-2021-28583Magento Commerce insecure storage of sensitive documentation
    from 0, < 2.3.6, >= 2.4.1, < 2.4.2, >= 2.4.2, < 2.4.3
  • HIGH7.5CVE-2020-9591Magento defense-in-depth security mitigation vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • HIGH7.5CVE-2020-9587Magento authorization bypass vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • HIGH7.5CVE-2020-3719Magento sql injection vulnerability
    >= 2.2.0, < 2.2.11, >= 2.3.0, < 2.3.4
  • HIGH7.2CVE-2024-34109Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that cou…
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • HIGH7.2CVE-2024-34110Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type…
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • HIGH7.2CVE-2020-9588Magento Signature verification bypass
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • HIGH7.1CVE-2020-24400SQL injection allows arbitrary read from database
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • MEDIUM6.9CVE-2021-28556Magento Commerce DOM-based cross-site scripting (XSS) could lead to arbitrary javascript execution
    from 0, < 2.3.7, >= 2.4.0, < 2.4.3
  • MEDIUM6.5CVE-2024-45132Magento Open Source Improper Authorization vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM6.5CVE-2024-34111Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • MEDIUM6.5CVE-2021-28563Magento Commerce improper Authorization via the 'Create Customer' endpoint
    from 0, < 2.3.7, >= 2.4.0, < 2.4.3
  • MEDIUM6.5CVE-2020-24401Incorrect permissions following the deletion of a user role or deactivation of a user
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • MEDIUM6.5CVE-2020-9692Magento security mitigation bypass vulnerability
    from 0, < 2.3.5
  • MEDIUM6.5CVE-2020-9689Magento path traversal vulnerability
    from 0, < 2.3.6
  • MEDIUM6.1CVE-2022-34257Magento stored Cross-Site Scripting (XSS) vulnerability
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • MEDIUM6.1CVE-2020-24408Stored XSS in customer address upload feature
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM6.1CVE-2020-9577Magento stored cross-site scripting vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • MEDIUM6.1CVE-2020-9581Magento stored cross-site scripting vulnerability
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • MEDIUM6.1CVE-2020-3715Magento stored cross-site scripting vulnerability
    >= 2.2.0, < 2.2.11, >= 2.3.0, < 2.3.4
  • MEDIUM6.1CVE-2020-3758Magento stored cross-site scripting vulnerability
    >= 2.2.0, < 2.2.11, >= 2.3.0, < 2.3.4
  • MEDIUM5.6CVE-2021-21031Magento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM5.6CVE-2021-21032Magento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM5.5CVE-2022-34258Magento stored Cross-Site Scripting (XSS) vulnerability
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • MEDIUM5.4CVE-2024-45131Magento Open Source Improper Authorization vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM5.4CVE-2024-45128Magento Open Source Improper Authorization vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM5.4CVE-2021-28584Magento Commerce path traversal vulnerability in child theme store creation
    from 0, < 2.3.6, >= 2.4.1, < 2.4.2, >= 2.4.2, < 2.4.3
  • MEDIUM5.4CVE-2020-9584Magento Stored cross-site scripting
    >= 2.2.0, < 2.2.12, >= 2.3.0, < 2.3.5
  • MEDIUM5.3CVE-2024-45124Magento Open Source Improper Access Control vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM5.3CVE-2024-34107Magento Open Source Improper Access Control vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • MEDIUM5.3CVE-2024-34106Magento Open Source Incorrect Authorization vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • MEDIUM5.3CVE-2022-34259Magento Improper Access Control vulnerability
    >= 2.3.0, < 2.3.7, >= 2.4.0, < 2.4.3 | >= 2.3.7-p1, <= 2.3.7-p1, >= 2.3.7-p2, <= 2.3.7-p2, >= 2.3.7-p3, <= 2.3.7-p3, >= 2.3.7, <= 2.3.7, >= 2.4.3-p1, <= 2.4.3-p1, >= 2.4.3-p2, <= 2.4.3-p2, >= 2.4.3, <= 2.4.3, >= 2.4.4, <= 2.4.4
  • MEDIUM5.3CVE-2021-28585Magento Commerce improper input validation in customer customer webapi
    from 0, < 2.3.6, >= 2.4.1, < 2.4.2, >= 2.4.2, < 2.4.3
  • MEDIUM5.3CVE-2021-21022Magento Commerce Incorrect permissions Could Lead To Unauthorized Access
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM5.3CVE-2021-21026Magento Commerce Incorrect permissions Could Lead To Unauthorized Access
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM5.3CVE-2021-21020Magento Commerce Improper Access Control Vulnerability
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM5.3CVE-2020-3717Magento Path Traversal
    >= 2.2.0, < 2.2.11, >= 2.3.0, < 2.3.4
  • MEDIUM5.0CVE-2021-28567Magento Commerce improper authorization allows an authenticated user to perform certain functions without permission
    from 0, < 2.4.3
  • MEDIUM4.9CVE-2020-24402Incorrect permissions in the Integrations component could lead to unauthorized deletion of customer details via REST API
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • MEDIUM4.8CVE-2024-45127Magento Open Source stored Cross-Site Scripting (XSS) vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM4.8CVE-2024-34105Magento Open Source Cross-Site Scripting (XSS) vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p1, >= 2.4.6-alpha0, < 2.4.6-p6, >= 2.4.5-alpha0, < 2.4.5-p8, >= 2.4.4-alpha0, < 2.4.4-p9
  • MEDIUM4.8CVE-2021-21029Magento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM4.8CVE-2021-21023Magento Commerce Stored Cross Site Scripting Vulnerability Could Lead To Arbitrary Code Execution
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM4.3CVE-2024-45129Magento Open Source Improper Access Control vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM4.3CVE-2024-45125Magento Open Source Incorrect Authorization vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM4.3CVE-2024-45130Magento Open Source Improper Access Control vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • MEDIUM4.3CVE-2021-21027Magento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification
    from 0, < 2.3.6, >= 2.4.0, < 2.4.1
  • MEDIUM4.3CVE-2020-24405Incorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • MEDIUM4.2CVE-2020-9690Magento observable timing discrepancy vulnerability
    from 0, < 2.3.5
  • LOW3.7CVE-2021-28566Magento Commerce information disclosure during upload action leveraging a specially crafted file
    from 0, < 2.4.3
  • LOW3.7CVE-2020-24406Document root path disclosure on Maintenance page
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • LOW2.7CVE-2024-45133Magento Open Source Information Exposure vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • LOW2.7CVE-2024-45149Magento Open Source Improper Access Control vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • LOW2.7CVE-2024-45135Magento Open Source Improper Access Control vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • LOW2.7CVE-2024-45134Magento Open Source Information Exposure vulnerability
    >= 2.4.7-alpha0, < 2.4.7-p3, >= 2.4.6-alpha0, < 2.4.6-p8, >= 2.4.5-alpha0, < 2.4.5-p10, from 0, < 2.4.4-p11
  • LOW2.7CVE-2020-24403Incorrect permissions could lead to unauthorized modification of inventory source data via REST API
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1
  • LOW2.7CVE-2020-24404Incorrect permissions in Integrations component could lead to unauthorized deletion of cmsPages via REST API
    from 0, < 2.3.5, >= 2.4.0, < 2.4.1