Description
A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sticky Ad Bar Cross-Site Scripting (1.3.1)
IBM RTC Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2020-4544)
Chamilo Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-34959)
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2014-0224)