CVE-2022-34253
Adobe Commerce/Magento Open Source instances using Widgets Module versions 2.4.3-p2 and earlier, 2.3.7-p3 and earlier, or 2.4.4 and earlier are affected by an XML Injection vulnerability. An attacker with admin privileges can trigger a crafted script to achieve remote code execution without user ...