CVE-2021-39217

Published
View on NVD ↗
CVSS v3
7.2
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Custom Layout enabled admin users to execute arbitrary commands via block methods. Versions 19.4.22 and 20.0.19 contain patches for this issue.

OpenMage/magento-lts
OpenMage/magento-lts
Official OpenMage LTS codebase | Migrate easily from Magento Community Edition in minutes! Download the source code for free or contribute to OpenMage LTS | Security vulnerability patches, bug fixes, performance improvements and more.
GitHubGitHub
921