Originally published byThe Hacker News
Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover.
The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that the shortcoming has been exploited in
πΊπΈ
More news from United StatesUnited States
NORTH AMERICA
Related News
CBS News Shutters Radio Service After Nearly a Century
4h ago
White House Unveils National AI Policy Framework To Limit State Power
4h ago
Officer Leaks Location of French Aircraft Carrier With Strava Run
4h ago
Microsoft Says It Is Fixing Windows 11
4h ago
NASA's Hubble Unexpectedly Catches Comet Breaking Up
4h ago