GHSA-p6pv-q7rc-g4h9: Unauthenticated Spree Commerce users can view completed guest orders by Order ID
An unauthenticated request to the Spree Commerce storefront could retrieve a completed guest order given only its order number, without any proof that the requester placed that order. This may lead to disclosure of guest users' PII, including names, addresses and phone numbers. The references below point at the storefront orders controller, the core order number generator, and the fixing commits.
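The pattern behind this class of bug, as an added example that is not Spree's code and not the advisory's fix: a plain-Ruby model of an order lookup that trusts the order number alone, beside a lookup that also demands proof of ownership. `OrderStore`, `Order`, the per-order `guest_token`, the sequential `R…` numbers and the sample orders are all assumptions made for this illustration.

```ruby
# Added example (not Spree code): why "order number only" is an access-control
# failure, and what the ownership check should look like instead.
require 'securerandom'

# Assumed minimal order record. guest_token is a random secret handed to a
# guest at checkout; user_id is set only for orders placed by a logged-in user.
Order = Struct.new(:number, :guest_token, :user_id, :completed, :email, :ship_address)

class OrderStore
  def initialize
    @orders = {}
  end

  def add(order)
    @orders[order.number] = order
  end

  # Vulnerable pattern: any completed order is returned to anyone who knows
  # (or guesses) its number. No ownership check at all.
  def find_by_number_only(number)
    order = @orders[number]
    order if order && order.completed
  end

  # Hardened pattern: the number only locates the record; access is granted
  # only to the user who placed it, or to a guest presenting the order's
  # secret token. The token comparison is constant-time to avoid leaking it.
  def find_for_viewer(number, current_user_id: nil, guest_token: nil)
    order = @orders[number]
    return nil unless order && order.completed
    if order.user_id
      return order if current_user_id == order.user_id
    elsif guest_token && order.guest_token
      return order if secure_compare(guest_token, order.guest_token)
    end
    nil
  end

  private

  # Constant-time byte comparison (stands in for a framework helper).
  def secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Why guessable numbers matter: an unauthenticated caller walking a
# sequential range harvests every completed order via the vulnerable lookup.
def harvest_via_vulnerable_lookup(store, prefix, first, last)
  (first..last).filter_map { |n| store.find_by_number_only(format('%s%09d', prefix, n)) }
end

# Constructed sample data: one guest order, one order belonging to user 42.
def build_demo_store
  store = OrderStore.new
  store.add(Order.new('R100000001', SecureRandom.hex(16), nil, true, 'guest@example.com', '1 Main St'))
  store.add(Order.new('R100000002', nil, 42, true, 'user@example.com', '2 Side St'))
  store
end

if __FILE__ == $PROGRAM_NAME
  store = build_demo_store
  leaked = harvest_via_vulnerable_lookup(store, 'R', 100_000_000, 100_000_010)
  puts "vulnerable lookup leaked #{leaked.size} orders to an anonymous caller"
  puts "hardened lookup, no token: #{store.find_for_viewer('R100000001').inspect}"
end
```

The hardened lookup deliberately returns `nil` rather than raising a distinguishable error, so an attacker probing numbers cannot tell "no such order" from "not yours"; whether the identifier is sequential or random, the ownership check is what closes the hole.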
References
- github.com/advisories/GHSA-p6pv-q7rc-g4h9
- github.com/spree/spree
- github.com/spree/spree/blob/1341623f2ae92685cdbe232885bf5808fc8f9ca8/storefront/app/controllers/spree/orders_controller.rb
- github.com/spree/spree/blob/a878eb4a782ce0445d218ea86fb12075b0e3d7cc/core/lib/spree/core/number_generator.rb
- github.com/spree/spree/commit/3e00be64c128ef4bd4b99731f0c3ab469509cfab
- github.com/spree/spree/commit/6b32ed7d474aa55fa441990e6aa39740152aa1be
- github.com/spree/spree/commit/6f6b8a7a28a8bff24a6e20eab04b4bbbdf39384d
- github.com/spree/spree/commit/ea4a5db590ca753dbc986f2a4e818d9e0edfb1ad
- github.com/spree/spree/security/advisories/GHSA-p6pv-q7rc-g4h9