Описание
Magento Stored cross-site scripting in admin panel
A stored cross-site scripting vulnerability exists in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to products and categories.
Пакеты
Наименование
magento/community-edition
composer
Затронутые версииВерсия исправления
>= 2.1, < 2.1.18
2.1.18
Наименование
magento/community-edition
composer
Затронутые версииВерсия исправления
>= 2.2, < 2.2.9
2.2.9
Наименование
magento/community-edition
composer
Затронутые версииВерсия исправления
>= 2.3, < 2.3.2
2.3.2
Связанные уязвимости
CVSS3: 4.8
nvd
больше 6 лет назад
A stored cross-site scripting vulnerability exists in the admin panel for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to products and categories.