Lucene search
GoogleOSV:GHSA-J837-VM6W-6QCVHistoryMay 24, 2022 - 4:52 p.m.
Magento 2 Community Edition Unsafe File Upload
2022-05-2416:52:23
Google
osv.dev
8
0.001 Low
EPSS
Percentile
32.2%
Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
References
github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7861.yaml
github.com/magento/magento2
magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
nvd.nist.gov/vuln/detail/CVE-2019-7861
web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
Related
cve
cve
CVE-2019-7861
2019-08-02 22:15:15
github
github
Magento 2 Community Edition Unsafe File Upload
2022-05-24 16:52:23
prion
prion
Design/Logic Flaw
2019-08-02 22:15:00
osv
osv
CVE-2019-7861
2019-08-02 22:15:15
cvelist
cvelist
CVE-2019-7861
2019-08-02 21:13:46
nvd
nvd
CVE-2019-7861
2019-08-02 22:15:15
friendsofphp
friendsofphp
openvas
openvas