CVE-2021-21025
CVE-2021-21025 impacts Magento Commerce/Open Source versions 2.4.1 and earlier, 2.4.0-p1 and earlier, and 2.3.6 and earlier. The issue is an XML injection vulnerability in the product layout updates that could allow an authenticated attacker with admin console access to achieve arbitrary code exe...