The vulnerability, dubbed SessionReaper, allows customer account takeover and unauthenticated remote code execution
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/adobes-emergency-patch-commerce/
Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento