CVE-2020-24401
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can st
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the user's account.
MEDIUM · CVSS 6.5
EPSS 0.00284
Monitor
- No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0
YARA rules0