Magento RCE,XSS and other vulnerabilities · GHSA-8j7c-682x-r9f2 · GitHub Advisory Database · GitHub

Magento RCE,XSS and other vulnerabilities

Critical severity GitHub Reviewed Published May 15, 2024 to the GitHub Advisory Database • Updated May 15, 2024

Package

magento/community-edition (Composer)

Affected versions

>= 2.1, < 2.1.16

>= 2.2, < 2.2.7

Patched versions

2.1.16

2.2.7

Description

Magento Commerce and Open Source 2.3.0, 2.2.7 and 2.1.16 contain multiple security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.

References

Published to the GitHub Advisory Database May 15, 2024

Reviewed May 15, 2024

Last updated May 15, 2024