Количество 2
Количество 2
CVE-2019-7896
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout update.
GHSA-2x55-mg9r-24f7
Magento 2 Community Edition RCE Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-7896 A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to layouts can execute arbitrary code through a combination of product import, crafted csv file and XML layout update. | CVSS3: 7.2 | 1% Низкий | больше 6 лет назад |
| GHSA-2x55-mg9r-24f7 Magento 2 Community Edition RCE Vulnerability | CVSS3: 7.2 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу