Skip to content

OpenMage Docs

Release v19.4.10 and v20.0.6

Initializing search

OpenMage/magento-lts

Get started
API
Development
Modules
Blog

OpenMage Docs

OpenMage/magento-lts

Get started
Get started
- Requirements
- Installing
  Installing
- Changelog
  Changelog
- Versioning
  Versioning
  - Currently Maintained
- Quick links
  Quick links
  - Tags
API
API
- REST
  REST
  - Common HTTP status codes
  - HTTP methods
  - Use filters
  - Resources
    Resources
    
    Products
    Products
    
    Product Categories
    
    Customers
    Customers
    
    Customers
  - Response Formats
  - Testing
Development
Development
- Events
  Events
  - Events list
- Tools
  Tools
- Multistore
  Multistore
  - Error pages
- Samples
  Samples
  - php.ini
  - robots.txt
- Guides
  Guides
- Documentation
  Documentation
  - MkDocs
Modules
Modules
- Analytics
- Backend
- Cache
- Captcha
- Cron
- Email
- Frontend
- Images
- Log & Debug
- Payment
- Themes
  Themes
  - Frontend
- User Guides
  User Guides
  - Swatches
Blog
Blog
- Archive
  Archive
  - 2024
  - 2023
  - 2022
  - 2021
  - 2020
  - 2019
- Categories
  Categories

Sven Reichel
Contributor

Metadata
- January 19, 2021
- in Releases v19, Releases v20, Security
- 1 min read

New Release 19.4.10 and 20.0.6¶

Placeholder for the change ¹ ²

CVE-2020-15244 ³ CMS Editor code execution
CVE-2020-26285 ⁴ Widget instances allows a hacker to inject an executable file on the server
CVE-2020-26252 ⁵ Layout XML RCE Vulnerability

https://github.com/OpenMage/magento-lts/releases/tag/v19.4.10 ↩
https://github.com/OpenMage/magento-lts/releases/tag/v20.0.6 ↩
https://github.com/OpenMage/magento-lts/security/advisories/GHSA-jrgf-vfw2-hj26 ↩
https://github.com/OpenMage/magento-lts/security/advisories/GHSA-hj6w-xrv3-wjj9 ↩
https://github.com/OpenMage/magento-lts/security/advisories/GHSA-99m6-r53j-4hh2 ↩

Release v19.4.9 and v20.0.5

Release v19.4.11 and v20.0.7

OpenMage contributors