Description
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2019-2568 Vulnerability (CVE-2019-2568)
Jenkins Improper Input Validation Vulnerability (CVE-2013-0331)
Moodle Configuration Vulnerability (CVE-2012-3392)
WordPress Plugin uContext for Clickbank Cross-Site Request Forgery (3.9.1)
Drupal Improper Input Validation Vulnerability (CVE-2012-1589)