CVE-2021-28585

Improper Input Validation in packagist/magento/community-edition

Identifier

CVE-2021-28585

Package Slug

packagist/magento/community-edition

Vulnerability

Improper Input Validation

Description

Magento is affected by an improper input validation vulnerability in the New customer WebAPI. Successful exploitation could allow an attacker to send unsolicited spam e-mails.

Affected Versions

All versions before 2.3.6, all versions starting from 2.4.0 up to 2.4.2

Solution

Upgrade to versions 2.3.6, 2.4.2-p1 or above.

Last Modified

2021-07-08

source