PT-2024-40098 — Adobe Magento Commerce+1

PT-2024-40098 · Adobe · Magento Commerce+1

Published

2024-05-15

Updated

2024-05-15

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: Magento Commerce and Open Source versions prior to 2.2.5 Magento Commerce and Open Source versions prior to 2.1.14

Description: The issue concerns remote code execution (RCE), Cross-Site Scripting (XSS), and other security problems.

Recommendations: For versions prior to 2.2.5, update to version 2.2.5 or later to address the security issues. For versions prior to 2.1.14, update to version 2.1.14 or later to address the security issues.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

GHSA-5GMH-85X8-5CX7

Affected Products

Magento Commerce

Magento Open Source