The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| fastly/magento2(Packagist) | 0 | 1.2.26 | N/A |
CVSS Metrics
