CVE-2021-32758
EPSS 0.36%Layout XML Arbitrary Code Fix
發布日:2021/8/30修改日:2026/3/13
描述
### Impact Layout XML enabled admin users to execute arbitrary commands via block methods.
受影響套件(1)
- Packagist/openmage/magento-ltsfrom 0, < 19.4.15
參考連結(5)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-32758
- WEBhttps://github.com/OpenMage/magento-lts/commit/b99307d00b59c4a226a1e3e4083f02cf2fc8fce7
- WEBhttps://github.com/OpenMage/magento-lts/releases/tag/v19.4.15
- WEBhttps://github.com/OpenMage/magento-lts/releases/tag/v20.0.13
- WEBhttps://github.com/OpenMage/magento-lts/security/advisories/GHSA-26rr-v2j2-25fh