Inkampani yeAdobe ikhutshiwe ukuhlaziya iqonga elivulekileyo lokuququzelela urhwebo lwe-e Magento (2.3.4, 2.3.3-p1 kunye ne-2.2.11), ethatha malunga 10% imarike yeenkqubo zokudala iivenkile ze-intanethi (i-Adobe yaba ngumnini weMagento ngo-2018). Uhlaziyo lususa ubuthathaka obu-6, apho abathathu babelwe kwinqanaba elibalulekileyo lengozi (iinkcukacha azikabhengezwa):
- I-CVE-2020-3716 -ukwenzeka kokusetyenziswa kwekhowudi yomhlaseli xa kuchithwa idatha yangaphandle;
- I-CVE-2020-3718 - i-bypass yeendlela zokukhusela ezikhokelela ekuqhutyweni kwekhowudi engafanelekanga kwicala lomncedisi;
- I-CVE-2020-3719 yinkalo yomyalelo weSQL evumela ukufikelela kwidatha kwisiseko sedatha.
umthombo: opennet.ru