7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.3%
In Magento Open Source prior to 1.9.4.3, and Magento Commerce prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification.
magento.com/security/patches/supee-11219
nvd.nist.gov/vuln/detail/CVE-2019-8231