Critical vulnerabilities in the Magento e-commerce platform

Adobe has released updates (2.3.4, 2.3.3-p1 and 2.2.11) for Magento, its open e-commerce platform, which holds about 10% of the market for online-store systems (Adobe became the owner of Magento in 2018). The updates fix 6 vulnerabilities, three of which have been assigned a critical severity level (details have not yet been reported):

  • CVE-2020-3716 - Execution of attacker code when deserializing external data;
  • CVE-2020-3718 - Bypass of protection mechanisms, leading to the execution of arbitrary code on the server side;
  • CVE-2020-3719 - SQL injection (substitution of SQL commands) that allows access to data in the database.

Source: opennet.ru
