CVE-2015-3457
Magento CE/EE <1.9.1.0-1.14.1.0 - Auth Bypass
Title source: llmDescription
Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote attackers to bypass authentication via the forwarded parameter.
References (4)
Scores
EPSS
0.0896
EPSS Percentile
92.5%
Classification
CWE
CWE-287
Status
draft
Affected Products (2)
magento/magento
magento/magento
Timeline
Published
Apr 29, 2015
Tracked Since
Feb 18, 2026