Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-8229

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit product attributes can execute arbitrary code through crafted layout updates.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0