6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
32.2%
Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13