CVE-2019-8109
CVE-2019-8109 affects Magento: Magento 2.2 versions prior to 2.2.10 and Magento 2.3 versions prior to 2.3.3 (or 2.3.2-p1) are vulnerable. An authenticated user can craft a malicious CSRF payload that results in arbitrary command execution (remote code execution). The vulnerability is addressed by...