Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-qj54-wmjw-h6gf

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE
View on GitHub

Advisory Details

In SAP Commerce, a user can misuse the forgotten
password functionality to gain access to a Composable Storefront B2B site for
which early login and registration is activated, without requiring the merchant
to approve the account beforehand. If the site is not configured as isolated
site, this can also grant access to other non-isolated early login sites, even
if registration is not enabled for those other sites.

Related CVEs

CVE-2024-39597

Key Information

GHSA ID
GHSA-qj54-wmjw-h6gf
Published
July 9, 2024 6:30 AM
Last Modified
July 9, 2024 6:30 AM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.