PT-2024-40195 — Adobe Magento Commerce+1

PT-2024-40195 · Adobe · Magento Commerce+1

Published

2024-05-15

Updated

2024-05-15

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: Magento Commerce and Open Source versions prior to 2.3.0 Magento Commerce and Open Source versions prior to 2.2.7 Magento Commerce and Open Source versions prior to 2.1.16

Description: The issue concerns Remote Code Execution (RCE) and Cross-Site Scripting (XSS) among other vulnerabilities.

Recommendations: For versions prior to 2.3.0, update to version 2.3.0 or later to resolve the issue. For versions prior to 2.2.7, update to version 2.2.7 or later to resolve the issue. For versions prior to 2.1.16, update to version 2.1.16 or later to resolve the issue.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

GHSA-8J7C-682X-R9F2

Affected Products

Magento Commerce

Magento Open Source