Critical Magento Holes Open Online Shops to Code Execution

Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database.