CVE-2021-32759
Data Flow Sanitation Issue Fix
EPSS 0.55%
Description
### Impact Due to missing sanitation in data flow it was possible for admin users to upload arbitrary executable files to the server.
How to fix CVE-2021-32759
To remediate CVE-2021-32759, upgrade the affected package to a fixed version below.
- Packagist/openmage/magento-lts—upgrade to 19.4.15 or later
Is CVE-2021-32759 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 19.4.15