Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025-54236 (aka SessionReaper, CVSS score of 9.1) in its Commerce and Magento Open Source platforms. The vulnerability is an improper input validation flaw. >>The bug, dubbed […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/182075/security/critical-flaw-sessionreaper-in-commerce-and-magento-platforms-lets-attackers-hijack-customer-accounts.html
