Vulnerabilities > Mirumee

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-30	CVE-2020-15085	Cleartext Storage of Sensitive Information vulnerability in Mirumee Saleor In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. local low complexity mirumee CWE-312	6.1
2020-01-24	CVE-2020-7964	Missing Authentication for Critical Function vulnerability in Mirumee Saleor An issue was discovered in Mirumee Saleor 2.x before 2.9.1. network low complexity mirumee CWE-306	5.3
2019-07-15	CVE-2019-1010304	Missing Authorization vulnerability in Mirumee Saleor Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. network low complexity mirumee CWE-862	5.3
2019-07-14	CVE-2019-13594	Cross-Site Request Forgery (CSRF) vulnerability in Mirumee Saleor 2.7.0 In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server. network low complexity mirumee CWE-352	8.8

Vulnerabilities > Mirumee {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mirumee"}]}