ITSEC NewsOct 15, 2020
Critical Magento Holes Open Online Shops to Code Execution - Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code e... https://threatpost.com/critical-magento-holes-online-shops-code-execution/160181/ #fileuploadallowlistbypass #pre-authorization #vulnerabilities #cve-2020-24400 #cve-2020-24407 #codeexecution #criticalflaw #sqlinjection #websecurity #ecommerce #magecart #magento #adobe #patch #fix
Critical Magento Holes Open Online Shops to Code Execution

Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database.

Threatpost - English - Global - threatpost.com