VDB
BIT-magento-2024-34108
BIT-magento-2024-34108
PUBLISHED
CVSS 9.100000381469727 CRITICAL
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required and scope is changed.
Risk Scores
CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | magento | 2.4.7-alpha0, 2.4.6-alpha0, 2.4.5-alpha0 |
Timeline
- Jun 17, 2024 CVE Published
- Feb 26, 2025 CVE Updated