Description
Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
Remediation
References
Related Vulnerabilities
WordPress Plugin Active Directory Authentication Integration Cross-Site Scripting (0.6)
Moodle Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-1754)
WordPress 4.6.x Denial of Service Vulnerability (4.6 - 4.6.10)
WordPress Plugin Splashing Images Multiple Vulnerabilities (2.1)
WordPress Plugin LayerSlider Responsive WordPress Slider Multiple Vulnerabilities (6.2.0)