File Upload Bypass Vulnerability in Magento 2.x

File Upload Bypass Vulnerability in Magento 2.x

CVE-2019-7861 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.

Learn more about our Cis Benchmark Audit For Server Software.