Adobe patches Magento bugs that lead to code execution, customer list tampering

From zdnet.com

Adobe has released a set of out-of-band security fixes to resolve serious issues in the Magento platform. 

Published on October 15, the security advisory is outside of the firm’s typical monthly patch cycle and resolves nine vulnerabilities, eight of which are considered either critical or important, as well as one moderate-severity flaw. 

The vulnerabilities impact Magento Commerce and Magento Open Source, versions 2.3.5-p1, 2.4.0, and earlier.

Read more…