2 matches found
Magento Path Traversal vulnerability via the `theme[preview_image]` parameter
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a Path Traversal vulnerability via the themepreviewimage parameter. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution...
GHSA-7W95-QWHH-Q9P3 Magento Path Traversal vulnerability via the `theme[preview_image]` parameter
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a Path Traversal vulnerability via the themepreviewimage parameter. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution...