8 matches found
PRODSECBUG-2445: Insufficient logging and monitoring of configuration changes
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2417: Remote code execution via vulnerable Symphony dependecy injection
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2344: Cross-Site Scripting via wysiwyg editor
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2425: Cross-Site Scripting via Signifyd Guarantee Option Translation Override
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2414: Remote code execution through custom layout update of the content management functionality
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2223: Remote code execution when using functionality that imports a new product
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2446: Remote code execution via custom layout update in create product functionality
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2344: Cross-Site Scripting via wysiwyg editor
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...