Filtered by vendor Sparksolutions
Subscriptions
Filtered by product Spree
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15269 | 1 Sparksolutions | 1 Spree | 2021-11-18 | 9.1 Critical |
| In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory. | ||||
Page 1 of 1.