CVE-2019-8231 – In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with administra …

Vuln ID: CVE-2019-8231

Published:  2019-11-06  00:15:13Z

Description: In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification.

Source: NVD.NIST.GOV

 

Tags