From bleepingcomputer.com
Magento’s Security Team urged users to install the latest released security update to protect their stores from exploitation attempts trying to abuse a recently reported remote code execution (RCE) vulnerability.
The issue is impacting Magento Commerce 2.3.1 and Magento Commerce 2.3.2 were security-only patch 2.3.2-p2 was not installed, as well as unsupported versions of Page Builder, such as Page Builder Beta.
“Merchants running Magento Commerce 2.3.x should install the latest security update to help protect their stores from potential malicious attacks that could exploit a vulnerability in preview methods,” Magento said.