Количество 2
Количество 2
CVE-2019-7938
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify catalog price rules to inject malicious javascript.
GHSA-mgfr-44wv-hqv6
Magento 2 Community Edition XSS Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-7938 A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify catalog price rules to inject malicious javascript. | CVSS3: 4.8 | 0% Низкий | больше 6 лет назад |
| GHSA-mgfr-44wv-hqv6 Magento 2 Community Edition XSS Vulnerability | CVSS3: 4.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу