3 matches found
CVE-2019-8119
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination of these...
CVE-2019-8119
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination of these...
CVE-2019-8119
CVE-2019-8119 affects Magento: Magento 2.1 up to 2.1.18, Magento 2.2 up to 2.2.9, and Magento 2.3 up to 2.3.2 are vulnerable. An authenticated admin with import product privileges can delete files via bulk product import and inject code into an XSLT file, enabling remote code execution. This is a...