Denial-of-Service Vulnerability in Magento Full Page Cache

Denial-of-Service Vulnerability in Magento Full Page Cache

CVE-2019-7915 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.

Learn more about our Web Application Penetration Testing UK.