{"api_version":"1","generated_at":"2026-04-21T15:45:37+00:00","cve":"CVE-2021-41231","urls":{"html":"https://cve.report/CVE-2021-41231","api":"https://cve.report/api/cve/CVE-2021-41231.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-41231","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-41231"},"summary":{"title":"CVE-2021-41231","description":"OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue.","state":"PUBLIC","assigner":"security-advisories@github.com","published_at":"2023-01-27 19:15:00","updated_at":"2023-11-07 03:38:00"},"problem_types":["CWE-434"],"metrics":[],"references":[{"url":"https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19","name":"https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19","refsource":"MISC","tags":[],"title":"Release v20.0.19 · OpenMage/magento-lts · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22","name":"https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22","refsource":"MISC","tags":[],"title":"Release v19.4.22 · OpenMage/magento-lts · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/OpenMage/magento-lts/commit/d16fc6c5a1e66c6f0d9f82020f11702a7ddd78e4","name":"https://github.com/OpenMage/magento-lts/commit/d16fc6c5a1e66c6f0d9f82020f11702a7ddd78e4","refsource":"MISC","tags":[],"title":"Merge pull request from GHSA-h632-p764-pjqm · OpenMage/magento-lts@d16fc6c · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/OpenMage/magento-lts/security/advisories/GHSA-h632-p764-pjqm","name":"https://github.com/OpenMage/magento-lts/security/advisories/GHSA-h632-p764-pjqm","refsource":"MISC","tags":[],"title":"DataFlow upload remote code execution vulnerability · Advisory · OpenMage/magento-lts · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-41231","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41231","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"41231","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"openmage","cpe5":"magento","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2021-41231","ASSIGNER":"security-advisories@github.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"OpenMage","product":{"product_data":[{"product_name":"magento-lts","version":{"version_data":[{"version_value":"< 19.4.22","version_affected":"="},{"version_value":">= 20.0.0, < 20.0.19","version_affected":"="}]}}]}}]}},"references":{"reference_data":[{"url":"https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22","refsource":"MISC","name":"https://github.com/OpenMage/magento-lts/releases/tag/v19.4.22"},{"url":"https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19","refsource":"MISC","name":"https://github.com/OpenMage/magento-lts/releases/tag/v20.0.19"},{"url":"https://github.com/OpenMage/magento-lts/security/advisories/GHSA-h632-p764-pjqm","refsource":"MISC","name":"https://github.com/OpenMage/magento-lts/security/advisories/GHSA-h632-p764-pjqm"},{"url":"https://github.com/OpenMage/magento-lts/commit/d16fc6c5a1e66c6f0d9f82020f11702a7ddd78e4","refsource":"MISC","name":"https://github.com/OpenMage/magento-lts/commit/d16fc6c5a1e66c6f0d9f82020f11702a7ddd78e4"}]},"source":{"advisory":"GHSA-h632-p764-pjqm","discovery":"UNKNOWN"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-01-27 19:15:00","lastModifiedDate":"2023-11-07 03:38:00","problem_types":["CWE-434"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:openmage:magento:*:*:*:*:lts:*:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.0.19","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:openmage:magento:*:*:*:*:lts:*:*:*","versionEndExcluding":"19.4.22","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"41231","Ordinal":"217045","Title":"CVE-2021-41231","CVE":"CVE-2021-41231","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"41231","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}