The Hacker News
@thehackernews
⚠️ A critical Magento flaw lets attackers upload files without login and take over stores.
The issue, PolyShell, uses the REST API to upload hidden malicious files as images. This can lead to remote code execution or stored XSS.
No fix for current versions yet.
�� Read → https://thehackernews.com/2026/03/magento-polyshell-flaw-enables.html
The issue, PolyShell, uses the REST API to upload hidden malicious files as images. This can lead to remote code execution or stored XSS.
No fix for current versions yet.
�� Read → https://thehackernews.com/2026/03/magento-polyshell-flaw-enables.html
🔥 6
🤔 5
😁 3
👍 1
27 9K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram