magento/community-edition is vulnerable to remote code execution (RCE). The vulnerability exists as a user with admin privileges to email templates can execute arbitrary code by previewing a malicious template.
CPE | Name | Operator | Version |
---|---|---|---|
magento/community-edition | le | 2.1.17 | |
magento/community-edition | le | 2.2.8 | |
magento/community-edition | le | 2.3.1 |