A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 before 2.1.18, Magento 2.2 before 2.2.9, Magento 2.3 before 2.3.2. This can be exploited by authenticated user with admin privileges to manipulate shipment settings to execute arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
magento magento |