CVE-2020-26285
OpenMage/OpenMage LTS is affected by CVE-2020-26285 in versions prior to 19.4.10 and 20.0.5. The issue enables remote code execution when an administrator with import/export data and widget-creation permissions can inject an executable file onto the server. Impact is partial confidentiality/integ...