{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreien76qkl3ooxdsgfudrxu54rmyyrognuoscp5obkci2rvqqnx6rwm",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mhmfyw3462u2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreignwug5hvtyih6hrqtcwcom3mwfura44ekwmvw7ywx3eutu7geujy"
    },
    "mimeType": "image/jpeg",
    "size": 323858
  },
  "path": "/magento-polyshell-flaw-lets-attackers-upload-files-without-logging-in-raising-rce-and-takeover-risks/",
  "publishedAt": "2026-03-21T07:33:34.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Magento “PolyShell” flaw lets attackers upload files without logging in, raising RCE and takeover risks",
    "VPN Central"
  ],
  "textContent": "A newly disclosed Magento flaw called PolyShell can let unauthenticated attackers upload files through the platform’s REST API, creating a serious risk for Adobe Commerce and Magento Open Source stores. Security firm Sansec says the bug affects all Magento Open Source and Adobe Commerce versions up to 2.4.9-alpha2, while Adobe’s March bulletin shows fixes shipping […]\n\nThe post Magento “PolyShell” flaw lets attackers upload files without logging in, raising RCE and takeover risks appeared first on VPN Central.",
  "title": "Magento “PolyShell” flaw lets attackers upload files without logging in, raising RCE and takeover risks"
}