3 matches found
CVE-2023-22247
Adobe Commerce versions 2.4.4-p2 and earlier and 2.4.5-p1 and earlier are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An unauthenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of thi...
CVE-2023-22247
Adobe Commerce (Magento) XML Injection vulnerability CVE-2023-22247 affects 2.4.4-p2 and earlier, and 2.4.5-p1 and earlier. An unauthenticated attacker can force the application to make arbitrary requests by injecting URLs, potentially enabling arbitrary file system read. Impact is high for confi...
CVE-2023-22247 Adobe Commerce XML Injection Arbitrary file system read
Adobe Commerce versions 2.4.4-p2 and earlier and 2.4.5-p1 and earlier are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An unauthenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of thi...