Magento PolyShell: unrestricted file upload in Magento and Adobe Commerce
A critical flaw in Magento’s REST API lets unauthenticated attackers upload executable files to any store. We named the vulnerability “PolyShell” because the attack uses a polyglot (code …