CVE-2024-34102

Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution. Vendor/Product: Adobe Commerce and Magento Open Source. Added to CISA KEV 2024-07-17; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.