cancel
Showing results for 
Search instead for 
Did you mean: 

/rest/default/V1/guest-carts/ open to DDOS

   Did you know you can see the translated content as per your choice?

Translation is in progress. Please check again after few minutes.

Re: /rest/default/V1/guest-carts/ open to DDOS

But the IP is not the server, the request comes from the users browser and clearly the attackers have figured out how to easily spoof the referrer etc.

 

It's insane to me this is so easily exploited without an official patch / workaround. As usual seems like Magento OS customers are just left to whither on the vine...