Fetching latest headlines…
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
NORTH AMERICA
πŸ‡ΊπŸ‡Έ United Statesβ€’March 20, 2026

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

0 views0 likes0 comments
Originally published byThe Hacker News
Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that the shortcoming has been exploited in

Comments (0)

Sign in to join the discussion

Be the first to comment!

πŸ‡ΊπŸ‡Έ

United States

NORTH AMERICA

More news from United States

Related News

Jeff Bezos Seeking $100 Billion to Buy Manufacturing Companies, 'Transform' Them With AI

Jeff Bezos Seeking $100 Billion to Buy Manufacturing Companies, 'Transform' Them With AI

7h ago

Officer Leaks Location of French Aircraft Carrier With Strava Run

Officer Leaks Location of French Aircraft Carrier With Strava Run

7h ago

Microsoft Says It Is Fixing Windows 11

Microsoft Says It Is Fixing Windows 11

7h ago

CBS News Shutters Radio Service After Nearly a Century

CBS News Shutters Radio Service After Nearly a Century

7h ago

Firefox Announces Built-In VPN and Other New Features - and Introduces Its New Mascot

Firefox Announces Built-In VPN and Other New Features - and Introduces Its New Mascot

7h ago

View all NORTH AMERICA news β†’