"CosmicSting Flaw Impacts 75% of Adobe Commerce, Magento Sites"

A vulnerability dubbed "CosmicSting" that affects Adobe Commerce and Magento websites remains largely unpatched nine days after a security update was released, leaving millions of websites exposed to attacks. According to Sansec, about three of every four websites that use the impacted e-commerce platforms have not been patched against CosmicSting, putting them at risk of XML External Entity Injection (XXE) and Remote Code Execution (RCE). This article continues to discuss the potential exploitation and impact of the CosmicSting vulnerability.

BleepingComputer reports "CosmicSting Flaw Impacts 75% of Adobe Commerce, Magento Sites"

Submitted by grigby1