Saleor up to 3.20.109/3.21.44/3.22.28 order authorization

Summaryinfo

A vulnerability has been found in Saleor up to 3.20.109/3.21.44/3.22.28 and classified as problematic. Impacted is the function order. Performing a manipulation results in authorization. This vulnerability is known as CVE-2026-24136. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

Detailsinfo

A vulnerability classified as problematic has been found in Saleor up to 3.20.109/3.21.44/3.22.28. This affects the function order. The manipulation with an unknown input leads to a authorization vulnerability. CWE is classifying the issue as CWE-639. The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. This is going to have an impact on confidentiality. The summary by CVE is:

Saleor is an e-commerce platform. Versions 3.2.0 through 3.20.109, 3.21.0-a.0 through 3.21.44 and 3.22.0-a.0 through 3.22.28 have a n Insecure Direct Object Reference (IDOR) vulnerability that allows unauthenticated actors to extract sensitive information in plain text. Orders created before Saleor 3.2.0 could have PIIs exfiltrated. The issue has been patched in Saleor versions: 3.22.29, 3.21.45, and 3.20.110. To workaround, temporarily block non-staff users from fetching order information (the order() GraphQL query) using a WAF.

The advisory is shared at github.com. This vulnerability is uniquely identified as CVE-2026-24136 since 01/21/2026. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details are known, but no exploit is available.

Upgrading to version 3.20.110, 3.21.45 or 3.22.29 eliminates this vulnerability. Applying the patch 5dab1857fbb2801f74e2bfe86f307e4590d9d2fa is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Name

• Saleor

Version

• 3.20.109
• 3.21.0
• 3.21.1
• 3.21.2
• 3.21.3
• 3.21.4
• 3.21.5
• 3.21.6
• 3.21.7
• 3.21.8
• 3.21.9
• 3.21.10
• 3.21.11
• 3.21.12
• 3.21.13
• 3.21.14
• 3.21.15
• 3.21.16
• 3.21.17
• 3.21.18
• 3.21.19
• 3.21.20
• 3.21.21
• 3.21.22
• 3.21.23
• 3.21.24
• 3.21.25
• 3.21.26
• 3.21.27
• 3.21.28
• 3.21.29
• 3.21.30
• 3.21.31
• 3.21.32
• 3.21.33
• 3.21.34
• 3.21.35
• 3.21.36
• 3.21.37
• 3.21.38
• 3.21.39
• 3.21.40
• 3.21.41
• 3.21.42
• 3.21.43
• 3.21.44
• 3.22.0
• 3.22.1
• 3.22.2
• 3.22.3
• 3.22.4
• 3.22.5
• 3.22.6
• 3.22.7
• 3.22.8
• 3.22.9
• 3.22.10
• 3.22.11
• 3.22.12
• 3.22.13
• 3.22.14
• 3.22.15
• 3.22.16
• 3.22.17
• 3.22.18
• 3.22.19
• 3.22.20
• 3.22.21
• 3.22.22
• 3.22.23
• 3.22.24
• 3.22.25
• 3.22.26
• 3.22.27
• 3.22.28

License

• open-source

Website

• Product: https://github.com/saleor/saleor/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion