GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection

GHSA-8596-2jgr-ppj7: Amazon Redshift JDBC Driver vulnerable to SQL Injection

GHSA-xx95-62h6-h7v3: lgsl Stored Cross-Site Scripting vulnerability

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

### Impact
Magento admin users with access to the customer media could execute code on the server.



**Fix for arbitrary file deletion in customer media allows for remote code execution**

High severity GitHub Reviewed Published Jan 27, 2023 in OpenMage/magento-lts • Updated Jan 27, 2023

Headline

GHSA-5vpv-xmcj-9q85: Fix for arbitrary file deletion in customer media allows for remote code execution

Impact

Related news

ghsa: Latest News