Undergoing Analysis
This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary.
The address-management feature in xt:Commerce 5.1 to 6.2.2 allows remote authenticated users to zero out other user’s stored addresses by manipulating an id field in the POST request for altering an address.