Security News > 2024 > October > Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
2024-10-02 12:13

Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming,


News URL

https://thehackernews.com/2024/10/alert-adobe-commerce-and-magento-stores.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-34102 Unspecified vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. 		0.0
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 105 47 824 1650 622 3143
Magento 3 4 103 65 27 199