Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.
2020-07-29T13:15:10.493
2024-11-21T05:41:06.300
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:M/Au:S/C:C/I:C/A:C
6.8
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | magento | magento | < 2.3.5 | Yes |
Application | magento | magento | < 2.3.5 | Yes |
Application | magento | magento | 2.3.5 | Yes |
Application | magento | magento | 2.3.5 | Yes |
Application | magento | magento | 2.3.5 | Yes |
Application | magento | magento | 2.3.5 | Yes |