Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
- Posted on March 20, 2026
- By The Hacker News
- 7 Views
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Magento flaw allows unauthenticated file uploads up to 2.4.9-alpha2, enabling RCE or takeover, exposing stores to attack risk.
