Magento External Entity Injection (XXE) Vulnerability - CVE-2024-34102
Adobe Commerce versions 2.4.7 2.4.6-p5 2.4.5-p7 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference (XXE) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.