CVE-2020-9632
packagist/magento/community-edition
Code Injection
Magento (see note) have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
All versions up to 1.9.4.4, all version starting from 1.14.4.0 up to 1.14.4.4, all versions starting from 2.2.0 up to 2.2.11, all versions starting from 2.3.0 up to 2.3.4
Upgrade to versions 1.9.4.5, 1.14.4.5, 2.3.5 or above.
2020-07-02
source |