Description
Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code execution on the system.
Remediation
References
Related Vulnerabilities
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19926)
WordPress Plugin Featured Comments Cross-Site Request Forgery (1.2.1)
Drupal Core 8.x.x Multiple Security Bypass Vulnerabilities (8.0.0 - 8.8.12)
WordPress Plugin Donation Block For PayPal Unspecified Vulnerability (1.0.0)
WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Scripting (4.11.0.1)