A remote code execution... CVE-2019-8135

7.5 AV AC AU C I A
发布: 2019-11-06
修订: 2019-11-07

A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Dependency injection through Symphony framework allows service identifiers to be derived from user controlled data, which can lead to remote code execution.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有6条受影响产品信息