First published: Wed May 15 2024(Updated: )
Magento Commerce and Open Source 2.2.5 and 2.1.14 contain multiple security enhancements that help close authenticated Admin user remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.
Affected Software | Affected Version | How to fix |
---|---|---|
composer/magento/community-edition | >=2.2<2.2.5 | 2.2.5 |
composer/magento/community-edition | >=2.1<2.1.14 | 2.1.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.