8 matches found
GHSA-8CJG-F53M-8M9Q Magento XML Injection vulnerability in the Widgets Update Layout
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...
Input validation
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...
GHSA-3X9X-VHQJ-CV27 Magento XML Injection vulnerability in the Widgets Update Layout
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...
Magento XML Injection vulnerability in the Widgets Update Layout
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...
CVE-2021-36022
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...
Input validation
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution...
PT-2021-6363 · Adobe · Magento Commerce
Name of the Vulnerable Software and Affected Versions: Magento Commerce versions 2.4.2 and earlier Magento Commerce versions 2.4.2-p1 and earlier Magento Commerce versions 2.3.7 and earlier Description: The issue is related to an XML Injection vulnerability in the Widgets Update Layout. An attack...
PT-2021-6352 · Adobe · Magento Commerce
Name of the Vulnerable Software and Affected Versions: Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier Magento Commerce version 2.3.7 and earlier Description: The issue is related to an XML Injection vulnerability in the Widgets Update Layout of Magento Commerce. This...