CVE-2023-38208: Critical OS Command Injection Vulnerability in Adobe Commerce Affects Versions 2.4.6-p1 and Earlier
Adobe Commerce (formerly known as Magento) is an open-source e-commerce platform providing a robust set of tools for online merchants to manage their online stores.
CVE-2023-29297 – Critical Vulnerability in Adobe Commerce: Improper Neutralization of Special Elements Used in a Template Engine
Adobe Commerce, formerly known as Magento Commerce, is suffering from a critical vulnerability (CVE-2023-29297) that could allow attackers with admin privileges to execute arbitrary code.
CVE-2023-22247: XML Injection Vulnerability in Adobe Commerce leads to Arbitrary File System Read
If you're currently using Adobe Commerce version 2.4.4-p2 (or earlier) or 2.4.5-p1 (or earlier), you should be aware of
Episode
00:00:00
00:00:00