sylius/sylius is vulnerable to Information Disclosure. The vulnerability is due to the /api/v2/shop/adjustments/{id} endpoint, which allows an attacker to enumerate valid adjustment IDs to retrieve order tokens and access sensitive guest customer…Read More