PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks
Sansec found a Magento and Adobe Commerce REST API flaw, named PolyShell, which allows unauthenticated file uploads and possible XSS in older versions. Sansec disclosed a critical flaw in the Magento and Adobe Commerce REST API that allows attackers to upload…
PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks Sansec disclosed a critical flaw in the Magento and Adobe Commerce REST API that allows attackers to upload executable files … [+3083 chars]