Magento Vulnerability Exploited Increasingly to Hack Online Stores


The critical mail template vulnerability CVE-2022-24086, which affects Adobe Commerce and Magento stores, is being targeted in a growing number of cyberattacks, according to e-commerce malware and vulnerability detection company Sansec.

In February 2022, Adobe issued emergency patches for CVE-2022-24086 (CVSS score of 9.8), alerting administrators and store owners that the security flaw was already being used in attacks. Days later, Adobe updated its warning, confirming that a vulnerability that bypasses the patch had been given a new CVE number, CVE-2022-24087. Around the same time, proof-of-concept (PoC) code aimed at the bug was also released.


The issue is described as a check-out process flaw involving improper input validation that could be used to execute arbitrary code without authentication.
