Originally published byThe Hacker News
Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover.
The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that the shortcoming has been exploited in
πΊπΈ
More news from United StatesUnited States
NORTH AMERICA
Related News
Open Harness: The Multi-Panel AI Powerhouse Revolutionizing Developer Workflows
5h ago
Firefox Announces Built-In VPN and Other New Features - and Introduces Its New Mascot
4h ago
CBS News Shutters Radio Service After Nearly a Century
4h ago
50% of Consumers Prefer Brands That Avoid GenAI Content
4h ago
Officer Leaks Location of French Aircraft Carrier With Strava Run
4h ago