4 matches found
GHSA-FVRF-9428-527M Backport for CVE-2021-21024 Blind SQLi from Magento 2
Impact This vulnerability allows an administrator unauthorized access to restricted resources. We fixed a vulnerability in the MySQL adapter to prevent SQL injection attacks. This is a backport of CVE-2021-21024 https://helpx.adobe.com/security/products/magento/apsb21-08.html. Patches Has the...
Backport for CVE-2021-21024 Blind SQLi from Magento 2
Impact This vulnerability allows an administrator unauthorized access to restricted resources. We fixed a vulnerability in the MySQL adapter to prevent SQL injection attacks. This is a backport of CVE-2021-21024 https://helpx.adobe.com/security/products/magento/apsb21-08.html. Patches Has the...
CVE-2021-21024 Magento Commerce Blind SQL Injection Could Lead To Unauthorized Access
Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is...
CVE-2021-21024
The CVE-2021-21024 entry details a blind SQL injection in Magento’s Search module affecting Magento Community editions up to 2.4.1 (and earlier) and 2.4.0-p1, 2.3.6 (and earlier). The underlying issue enables an unauthenticated attacker, with admin console access, to potentially view restricted r...