Some vendors and users of Adobe Commerce and Magento decided to make a difficult choice between "safe" and "convenient".
As we reported, the February patch from Adobe, released to eliminate the critical vulnerability of mail templates CVE-2022-24086 (CVSS score 9.8), was actively bypassed by attackers.