CVE-2020-24406

Path Traversal in packagist/magento/community-edition

Identifier

CVE-2020-24406

Package Slug

packagist/magento/community-edition

Vulnerability

Path Traversal

Description

When in maintenance mode, Magento This information could be helpful to attackers if they are able to identify other exploitable vulnerabilities in the environment.

Affected Versions

All versions before 2.3.5, version 2.4.0

Solution

Upgrade to versions 2.3.6, 2.4.1 or above.

Last Modified

2020-11-15

source