cbcvebase.
CVE-2015-3457
published 2015-04-29

CVE-2015-3457: Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote attackers to bypass authentication via the forwarded parameter.

PriorityP344medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
25.22%
97.7th percentile
Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote attackers to bypass authentication via the forwarded parameter.

Affected

2 ranges
VendorProductVersion rangeFixed in
magentomagento
magentomagento
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.