CVE-2021-41143

CVSS V2 None CVSS V3 None
Description
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Magento admin users with access to the customer media could execute code on the server. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
Overview
  • CVE ID
  • CVE-2021-41143
  • Assigner
  • security-advisories@github.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-27T19:15:09
  • Last Modified Date
  • 2023-02-06T18:47:27
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:openmage:magento:*:*:*:*:lts:*:*:* 1 OR 19.4.22
cpe:2.3:a:openmage:magento:*:*:*:*:lts:*:*:* 1 OR 20.0.0 20.0.19
History
Created Old Value New Value Data Type Notes
2023-04-17 06:52:51 Added to TrackCVE
2023-04-17 06:52:53 Weakness Enumeration new