Posted on

Magento up to 2.1.17/2.2.8/2.3.1 Layout Remote Code Execution

A vulnerability was found in Magento up to 2.1.17/2.2.8/2.3.1. It has been declared as critical. Affected by this vulnerability is an unknown code block of the component Layout Handler. Upgrading to version 2.1.18, 2.2.9 or 2.3.2 eliminates this vulnerability.