CVE-2023-32065

MEDIUM5.8EPSS 0.25%

OroCommerce get-totals-for-checkout API endpoint returns unwanted data

Published: 11/27/2023Modified: 2/16/2024

Description

Detailed Checkout totals information may be received by Checkout ID

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1MEDIUM5.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

References (3)