6.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.3%
An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated users can manipulate the design layout update feature.
magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update