| |
Vulnerability CVE-2022-42344
Published: 2022-10-20
| Description: |
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation. |
Type:
CWE-20 (Improper Input Validation)
References: |
https://helpx.adobe.com/security/products/magento/apsb22-38.html
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
