CVE-2023-32065
5.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Summary
OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Detailed Order totals information may be received by Order ID. This issue is patched in version 5.0.11 and 5.1.1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| oroinc | orocommerce | >= 4.2.0, <= 4.2.10 | affected |
| oroinc | orocommerce | >= 5.0.0, < 5.0.11 | affected |
| oroinc | orocommerce | >= 5.1.0, < 5.1.1 | affected |
Weaknesses
- CWE-284: CWE-284: Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.