CVE-2020-9690: Magento vulnerability

Share this with people that should know this:

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.

References

  • helpx.adobe.com/security/products/magento/apsb20-47.html
  • helpx.adobe.com/security/products/magento/apsb20-47.html
  • Share this with people that should know this: