Description
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gravity Forms Constant Contact Cross-Site Scripting (1.0.5)
MySQL CVE-2019-2625 Vulnerability (CVE-2019-2625)
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281)
Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-33331)
Oracle HTTP Server CVE-2020-2530 Vulnerability (CVE-2020-2530)