CVE-2021-21064
CVE-2021-21064 affects Magento UPWARD-php (versions 1.1.4 and earlier) via the UPWARD Connector (versions 1.1.2 and earlier). The issue is a path traversal vulnerability caused by the upload feature that could let an attacker with admin console access upload a malicious YAML file and read arbitra...