Описание
Magento remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities
Magento Commerce and Open Source 2.2.5 and 2.1.14 contain multiple security enhancements that help close authenticated Admin user remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.
Пакеты
Наименование
magento/community-edition
composer
Затронутые версииВерсия исправления
>= 2.1, < 2.1.14
2.1.14
Наименование
magento/community-edition
composer
Затронутые версииВерсия исправления
>= 2.2, < 2.2.5
2.2.5