CVE-2019-8150
CVE-2019-8150 is a remote code execution vulnerability in Magento. It affects Magento 2.2.x before 2.2.10 and Magento 2.3.x before 2.3.3 or 2.3.2-p1. An authenticated user with privileges to manipulate layouts and images can insert a malicious payload into the page layout, resulting in RCE with H...