CVE-2020-26295

CVE-2020-26295

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml.

The latest OpenMage Versions up from 19.4.9 and 20.0.5 have this Issue solved

Source: CVE-2020-26295

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다