Magento has updated its e-commerce software for all supported platforms with fixes for multiple vulnerabilities. Some of them have critical severity and hackers could exploit them to run arbitrary code. The updates address six vulnerabilities, half of them rated critical. The rest of the bugs are marked as important. Magento 2.3.4 is available for download and admins are recommended to install it in the immediate period. It also brings page builder enhancements, integration with Adobe Stock, compatibility with PWA Studio-based storefronts, and other updates.
Source: https://www.bleepingcomputer.com/news/security/magento-234-fixes-critical-code-execution-vulnerabilities/