CVE-2021-28585: Improper Input Validation

June 28, 2021 (updated July 6, 2021)

Magento is affected by an improper input validation vulnerability in the New customer WebAPI. Successful exploitation could allow an attacker to send unsolicited spam e-mails.

References

helpx.adobe.com/security/products/magento/apsb21-30.html
nvd.nist.gov/vuln/detail/CVE-2021-28585

Detect and mitigate CVE-2021-28585 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →