PT-2024-40137 · Adobe · Magento Commerce+1
Published
2024-05-15
·
Updated
2024-05-15
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
Magento Commerce versions prior to 1.14.4.0
Magento Open Source versions prior to 1.9.4.0
Description:
The issue concerns remote code execution (RCE), cross-site scripting (XSS), and cross-site request forgery (CSRF) among other vulnerabilities.
Recommendations:
For Magento Commerce versions prior to 1.14.4.0, update to version 1.14.4.0 to resolve the issue.
For Magento Open Source versions prior to 1.9.4.0, update to version 1.9.4.0 to resolve the issue.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Magento Commerce
Magento Open Source