CVE-2020-9690 in Magento
Resumen
por MITRE
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.