Home / os / palm

Magento 2.4.6 XSLT Server Side Injection / Command Execution

Posted on 17 November 2023

Magento version 2.4.6 suffers from an XSLT server side injection vulnerability that allows for remote command execution.

 

TOP