Adobe released security updates for flaws affecting Magento Commerce 2 and Magento Open Source 2, versions 2.33.5-p1 and earlier. These included two critical vulnerabilities and two important-severity flaws. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe recommends administrators install the update soon (for example, within 30 days), said Adobe. The issue also comes after Magento 1 reached end-of-life (EOL) in June, with Adobe making a last-ditch effort to urge the 100,000 online stores still running the outdated version.
Source: https://threatpost.com/critical-magento-flaws-code-execution/157840/