Adobe-owned Magento has plugged multiple critical vulnerabilities in its eponymous content management system, the most severe of which could be exploited by attackers to achieve arbitrary code execution. About the fixed vulnerabilities According to the newest Magento-themed security bulletin (now published as an Adobe security bulletin), three of the six fixed flaws are critical and three are important. In the “critical” category are a deserialization of untrusted data (CVE-2020-3716) and a security bypass (CVE-2020-3718) that … More
The post Magento patches critical code execution vulnerabilities, upgrade ASAP! appeared first on Help Net Security.
Advertise on IT Security News.
Read the complete article: Magento patches critical code execution vulnerabilities, upgrade ASAP!