Description
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Remediation
References
Related Vulnerabilities
PHP Improper Handling of Exceptional Conditions Vulnerability (CVE-2014-1943)
Moodle Incorrect Authorization Vulnerability (CVE-2020-14321)
WordPress Plugin RestroPress-Online Food Ordering System Security Bypass (2.8.3)
Contao Key Management Errors Vulnerability (CVE-2019-10643)
WordPress Plugin Livefyre Comments 3 Cross-Site Scripting (4.1.4)