![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvEvX8I4qP26LQ3nRgpRif4RBmoX-y5csTvKLcdwfozqKnFCGbZlBzFcoLeiDzu69ND0FW_60mEsiz0htVIGFigEx3QW4aHwHJxh-vg5XhWCZqnyYBHNpu5TKVjpstyEyt9PdhDo7F7XCuIfm4LyU1Jf7Aw4uiRp5fQ3kG4ww23F9W_k1_yW6FUHjYEg1y/s1600/website-hacked.png)
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.
The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of “improper neutralization of special elements” that could pave the way for arbitrary code execution.
It was addressed by the company as part of
Source:: The Hackers News