Unintended User Role Deletion Vulnerability in Magento 2.x
CVE-2019-7874 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of user roles.
Learn more about our User Device Pen Test.