CVE-2021-32758

XPath Injection in packagist/openmage/magento-lts

Identifier

CVE-2021-32758

Package Slug

packagist/openmage/magento-lts

Vulnerability

XPath Injection

Description

Admin users can execute arbitrary commands via block methods.

Affected Versions

All versions before 19.4.15, all versions starting from 20.0.00 before 20.0.11

Solution

Upgrade to versions 19.4.15, 20.0.11 or above.

Last Modified

2021-09-10

source