PT-2020-8477 · Yopify · Yopify

Oliver Keyes

Published

2020-01-15

Updated

2020-01-22

CVE-2017-3211

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Yopify up to April 06, 2017

Description: The issue allows unauthorized access to customer data, including the first name, last initial, city, and recent purchase information, without user authorization.

Recommendations: For versions up to April 06, 2017, update to a version released after April 06, 2017, to resolve the issue.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-213

Related Identifiers

CVE-2017-3211

Affected Products

Yopify

PT-2020-8477 · Yopify · Yopify

CVE-2017-3211

Weakness Enumeration

Related Identifiers

Affected Products

References · 3