2 matches found
CVE-2021-36035 Magento Commerce Stock Media Improper Input Validation Could Lead To Remote Code Execution
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An attacker with admin privileges could make a crafted request to the Adobe Stock API to achieve remote code execution...
CVE-2021-36035
CVE-2021-36035 affects Magento Commerce (2.4.2 and earlier; 2.4.2-p1 and earlier; 2.3.7 and earlier). The root cause is improper input validation in the Magento Stock Media flow, allowing an attacker with admin privileges to send a crafted request to the Adobe Stock API and achieve remote code ex...