Description
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Remediation
References
Related Vulnerabilities
Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)
WordPress Plugin LionScripts:IP Blocker Lite Cross-Site Request Forgery (10.3)
GlassFish CVE-2016-3607 Vulnerability (CVE-2016-3607)
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717)