7.4 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
66.2%
A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution.
magento.com/security/patches/supee-11219