CVE-2019-8144
Magento 2.3 (before 2.3.3 or 2.3.2-p1) is affected by a remote code execution vulnerability via PageBuilder template methods. An unauthenticated attacker can supply a payload to achieve RCE. Mitigation is to apply the Magento security patch 2.3.3 (and 2.2.10) as cited in security advisories; no e...