Home > Vulnerability Database > CVE-2023-32065

Mend.io Vulnerability Database

CVE-2023-32065

Good to know:

Date: November 27, 2023

OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Detailed Order totals information may be received by Order ID. This issue is patched in version 5.0.11 and 5.1.1.

Language: PHP

Severity Score

5.8

Related Resources (3)

Url: https://github.com/oroinc/orocommerce/security/advisories/GHSA-88g2-xgh9-4ph2

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-32065

Url: https://www.mend.io/vulnerability-database/CVE-2023-32065

Severity Score

5.8

Weakness Type (CWE)

Improper Access Control

CWE-284

Top Fix

Upgrade Version

Upgrade to version 5.0.11,5.1.1

Learn More

CVSS v3.1

Base Score:	5.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-32065

Good to know:

Date: November 27, 2023

Language: PHP

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?