CVE Published: 05/11/2019 |
CVE Updated: 04/08/2024 |
CVE Year: 2019 Source: adobe |
Vendor: Adobe Systems Incorporated |
Product: Magento 2 Status : PUBLISHED
CVE-2019-8109 Description
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution.