Improper Redirect Vulnerability in Adobe Commerce
CVE-2026-48000
4.3MEDIUM
Key Information:
- Vendor
Adobe
- Vendor
- CVE Published:
- 14 July 2026
What is CVE-2026-48000?
Adobe Commerce has a vulnerability that involves improper redirects, allowing an attacker to create a malicious URL that can redirect users to an unauthorized site. This redirection can facilitate security feature bypass, leading to possible credential theft and account takeover if users fall victim to clicking such links. User interaction is necessary for exploitation of this vulnerability, emphasizing the need for heightened awareness and vigilance.
Affected Version(s)
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce 0 <= 2.4.9, 2.4.8-p5, 2.4.7-p10, 2.4.6-p15, 2.4.5-p17, 2.4.4-p18
Adobe Commerce B2B 0 <= 1.5.3, 1.5.2-p5, 1.4.2-p10, 1.3.4-p17, 1.3.3-p18