Khrysev

**Name of the Vulnerable Software and Affected Versions** OroPlatform versions prior to 5.1.4 **Description** The issue concerns OroPlatform, a PHP Business Application Platform (BAP), where navigation history, most viewed, and favorite navigation items are returned to a storefront user in a JSON navigation response if the ID of the storefront user matches the ID of a back-office user. **Recommendations** For versions prior to 5.1.4, update to version 5.1.4 to resolve the issue. As a temporary workaround, consider restricting access to sensitive navigation items until the update is applied.

**Name of the Vulnerable Software and Affected Versions** OroPlatform versions prior to 5.1.4 **Description** A logged in user can access page state data of pinned pages of other users by pageId hash. This issue allows unauthorized access to sensitive information. **Recommendations** For versions prior to 5.1.4, update to version 5.1.4 to resolve the issue. As a temporary workaround, consider restricting access to the `PagestateController` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OroCalendarBundle versions prior to 5.0.4 OroCalendarBundle versions prior to 5.1.1 **Description** The issue allows back-office users to access information from any call event, bypassing ACL security restrictions due to insufficient security checks. This is related to the Calendar feature and functionality in Oro applications. **Recommendations** For OroCalendarBundle versions prior to 5.0.4, update to version 5.0.4 or later to resolve the issue. For OroCalendarBundle versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** OroCommerce versions prior to 5.0.11 OroCommerce versions prior to 5.1.1 **Description** The issue allows detailed order totals information to be received by Order ID, and detailed checkout totals information may be received by Checkout ID. **Recommendations** For versions prior to 5.0.11, update to version 5.0.11 or later. For versions prior to 5.1.1, update to version 5.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** OroCommerce versions prior to 5.0.11 OroCommerce versions prior to 5.1.1 **Description** The issue allows back-office users to access information about Customer and Customer User menus, bypassing ACL security restrictions due to insufficient security checks. **Recommendations** For versions prior to 5.0.11, update to version 5.0.11 or later to resolve the issue. For versions prior to 5.1.1, update to version 5.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Customer and Customer User menus until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** OroPlatform versions prior to 5.1.1 **Description** The issue affects the OroPlatform package, which is used for system and user calendar management. It allows back-office users to access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. **Recommendations** For versions prior to 5.1.1, update to version 5.1.1 to resolve the issue. As a temporary workaround, consider restricting access to calendar events to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OroCommerce versions 4.1.0 through 4.1.13 OroCommerce versions 4.2.0 through 4.2.10 OroCommerce versions 5.0.0 through 5.0.10 OroCommerce versions 5.1.0 **Description** The issue allows a JS payload added to the product name to be executed at the storefront when adding a note to the shopping list line item containing a vulnerable product. An attacker can edit a product in the admin area and force a user to add this product to the Shopping List and click add a note for it. **Recommendations** For versions 4.1.0 through 4.1.13, update to version 5.0.11 or later. For versions 4.2.0 through 4.2.10, update to version 5.0.11 or later. For versions 5.0.0 through 5.0.10, update to version 5.0.11. For version 5.1.0, update to version 5.1.1.