CVE-2023-29294 (commerce, magento)

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation of this issue does not require user interaction.

adobe adobe commerce business bypass commerce cve errors exploitation feature issue logic low magento privileged result security security feature bypass vulnerability