CVE-2021-21427

Published April 21st, 2021

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized access to restricted resources. This is a backport of CVE-2021-21024. The vulnerability is patched in versions 19.4.13 and 20.0.9.

OpenMage/magento-lts

Official OpenMage LTS codebase | Migrate easily from Magento Community Edition in minutes! Download the source code for free or contribute to OpenMage LTS | Security vulnerability patches, bug fixes, performance improvements and more.

GitHub

921