SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code injection.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CWE-502