OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Custom Layout enabled admin users to execute arbitrary commands via block methods. Versions 19.4.22 and 20.0.19 contain patches for this issue.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| openmage/magento-lts(Packagist) | 0 | 19.4.22 | N/A |
| openmage/magento-lts(Packagist) | 20.0.0 | 20.0.19 | N/A |
CVSS Metrics
