CVE-2020-9579
Code Injection in packagist/magento/community-edition
Identifiers
CVE-2020-9579
Package Slug
packagist/magento/community-edition
Vulnerability
Code Injection
Description
Magento has a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Affected Versions
All versions up to 1.9.4.4, all versions starting from 2.2.0 up to 2.2.11, all versions starting from 2.3.0 up to 2.3.4
Solution
Upgrade to versions 2.0.0, 2.3.5 or above.
Last Modified
2020-07-02
| source |