OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, a layout block was able to bypass the block blacklist to execute remote code. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| openmage/magento-lts(Packagist) | 0 | 19.4.22 | N/A |
| openmage/magento-lts(Packagist) | 20.0.0 | 20.0.19 | N/A |
CVSS Metrics
