Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv3

CVE-2021-41143

Published: 27/01/2023 Updated: 07/11/2023
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Magento

Vulnerability Summary

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openmage magento

References

CWE-22https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19https://github.com/OpenMage/magento-lts/commit/45330ff50439984e806992fa22c3f96c4d660f91https://github.com/OpenMage/magento-lts/security/advisories/GHSA-5vpv-xmcj-9q85https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook