Description
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to unauthorized access to admin panel.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2014-3710)
WordPress Plugin Contact Form 7 Database Information Disclosure (1.3)
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.13)
WordPress Plugin Image Slider Arbitrary File Deletion (1.1.89)
WordPress Plugin Candidate Application Form Arbitrary File Download (1.0)