Magento 2.1.6 Shell Upload / Cross Site Request Forgery Magento versions 2.1.6 and below suffers from cross site request forgery and shell upload vulnerabilities. Leave a ReplyYou must be logged in to post a comment. Filed under: exploit - @ April 14, 2017 5:38 am