PT-2025-32868 · Adobe · Commerce
Published
2025-08-12
·
Updated
2025-08-15
·
CVE-2025-49559
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Adobe Commerce versions 2.4.9-alpha1 through 2.4.4-p14
Description:
Adobe Commerce is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') issue, which could bypass a security feature. An attacker could exploit this issue to modify limited data. Exploitation of this issue does not require user interaction.
Recommendations:
Update to a version later than 2.4.4-p14.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Commerce