3 matches found
CVE-2021-36042
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code...
CVE-2021-36042 Magento Commerce API File Option Upload Extension Improper Input Validation Vulnerability Could Lead To Remote Code Execution
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability in the API File Option Upload Extension. An attacker with Admin privileges can achieve unrestricted file upload which can result in remote code...
CVE-2021-36042
Magento Commerce CVE-2021-36042 describes an improper input validation vulnerability in the API File Option Upload Extension. A user with Admin privileges can upload unrestricted files, enabling remote code execution. Affected versions include 2.4.2 and earlier, 2.4.2-p1 and earlier, and 2.3.7 an...