Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-7890

An Insecure Direct Object Reference (IDOR) vulnerability exists in the order processing workflow of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.8%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 7.5
Products affected by CVE-2019-7890


Contact Us

Shodan ® - All rights reserved