CVE-2021-32759
EPSS 0.55%Data Flow Sanitation Issue Fix
Published: 8/30/2021Modified: 3/13/2026
Also known as:GHSA-xm9f-vxmx-4m58
Description
### Impact Due to missing sanitation in data flow it was possible for admin users to upload arbitrary executable files to the server.
Affected packages (1)
- Packagist/openmage/magento-ltsfrom 0, < 19.4.15
References (5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-32759
- WEBhttps://github.com/OpenMage/magento-lts/commit/34709ac642d554aa1824892059186dd329db744b
- WEBhttps://github.com/OpenMage/magento-lts/releases/tag/v19.4.15
- WEBhttps://github.com/OpenMage/magento-lts/releases/tag/v20.0.13
- WEBhttps://github.com/OpenMage/magento-lts/security/advisories/GHSA-xm9f-vxmx-4m58