VDB
KO
HIGH 7.5

GHSA-g8pg-33v4-9r96

Thelia authentication bypass vulnerability

Details

An authentication bypass was identifed in thelia/thelia project for customer and admin. This vulnerability is present from version 2.0.0-beta1 and is fixed in 2.1.3 and 2.2.0-alpha1.

Are you affected?

Enter the version of the package you're using.

Affected packages

Packagist / thelia/thelia
Introduced in: 2.0.0-beta1 Fixed in: 2.1.3
Fix composer require thelia/thelia:^2.1.3

References