2 matches found
CVE-2021-36025
Magento Commerce is affected by an improper input- validation vulnerability in the customer-details save flow. Affected: Magento Commerce v2.4.2 and earlier, v2.4.2-p1 and earlier, and v2.3.7 and earlier. Root cause: improper input validation when saving a customer’s details with a specially craf...
CVE-2021-36025 Magento Commerce Customer Edition Improper Input Validation Could Lead To Remote Code Execution
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability while saving a customer's details with a specially crafted file. An authenticated attacker with admin privileges can leverage this vulnerability to...