CVE-2020-24407

Unrestricted Upload of File with Dangerous Type in packagist/magento/community-edition

Identifier

CVE-2020-24407

Package Slug

packagist/magento/community-edition

Vulnerability

Unrestricted Upload of File with Dangerous Type

Description

Magento This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components.

Affected Versions

All versions up to 2.4.0

Solution

Upgrade to version 2.4.1 or above.

Last Modified

2020-11-16

source