Description

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information disclosure.

Remediation

References

CVE-2020-3717

Related Vulnerabilities

SharePoint CVE-2021-31963 Vulnerability (CVE-2021-31963)

WordPress Plugin WP-Recall-Registration, Profile, Commerce & More Cross-Site Scripting (16.24.47)

Joomla! Core 1.7.x Security Bypass (1.7.0 - 1.7.5)

WordPress Plugin Taxonomy Images Multiple Unspecified Vulnerabilities (0.6)

WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.42)

Severity

Medium

Classification

CVE-2020-3717 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities