CVE-2023-45824

Published March 25th, 2024

View on NVD ↗

CVSS v3

4.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

OroPlatform is a PHP Business Application Platform (BAP). A logged in user can access page state data of pinned pages of other users by pageId hash. This vulnerability is fixed in 5.1.4.

oroinc/platform

Main OroPlatform package with core functionality.

GitHub

641