Description

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

Remediation

References

CVE-2020-3719

Related Vulnerabilities

MySQL CVE-2016-0546 Vulnerability (CVE-2016-0546)

Oracle JRE CVE-2013-0809 Vulnerability (CVE-2013-0809)

WordPress Plugin WordPress File Upload Directory Traversal (4.12.2)

WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.22.1)

WordPress Plugin wordpress vertical image slider Multiple Vulnerabilities (1.0)

Severity

High

Classification

CVE-2020-3719 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities