Lucene search
GoogleOSV:CVE-2021-28584HistoryJun 28, 2021 - 2:15 p.m.
CVE-2021-28584
2021-06-2814:15:11
Google
osv.dev
3
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is required for successful exploitation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| devdocs | eq | 0.42.0-beta1 | |
| devdocs | eq | 2.1.18 | |
| devdocs | eq | 2.2.0-RC1.1 | |
| devdocs | eq | 2.3.3 | |
| devdocs | eq | 0.1.0-alpha107 | |
| devdocs | eq | 0.42.0-beta2 | |
| devdocs | eq | 2.3.4 | |
| devdocs | eq | 2.2.2 | |
| devdocs | eq | 2.2.0-RC1.2 | |
| devdocs | eq | 2.1.8 |
Related
osv
osv
BIT-magento-2021-28584
2024-03-06 10:58:13
Magento Path Traversal vulnerability
2022-05-24 19:06:24
prion
prion
Path traversal
2021-06-28 14:15:00
cve
cve
CVE-2021-28584
2021-06-28 14:15:11
github
github
Magento Path Traversal vulnerability
2022-05-24 19:06:24
cvelist
cvelist
nvd
nvd
CVE-2021-28584
2021-06-28 14:15:11
adobe
adobe
APSB21-30 Security updates available for Magento
2021-05-11 00:00:00