Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes for three vulnerabilities which affect the popular ecommerce platforms. Successful exploitation could lead to arbitrary code execution, privilege escalation and arbitrary file system read.
Affected versions of Magento Open Source are as follows:
2.4.6-p1 and earlier
2.4.5-p3 and earlier
2.4.4-p4 and earlier
Website administrators are advised to update their software immediately to mitigate risk to their Magento and Adobe Commerce environments.