CVE-2024-34102: Adobe Commerce and Magento Open Source Improper Restriction

Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability. Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.

• CISA KEV-listed (remediation due 2024-08-07)
• EPSS 94.2% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions