CVE-2019-8229 – In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with adm …

Vuln ID: CVE-2019-8229

Published:  2019-11-06  00:15:13Z

Description: In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit product attributes can execute arbitrary code through crafted layout updates.

Source: NVD.NIST.GOV

 

Tags