Количество 2
Количество 2
CVE-2019-7897
A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to customer configurations to inject malicious javascript.
GHSA-jxp3-mmw7-8285
Magento 2 Community Edition XSS Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-7897 A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to customer configurations to inject malicious javascript. | CVSS3: 4.8 | 0% Низкий | больше 6 лет назад |
| GHSA-jxp3-mmw7-8285 Magento 2 Community Edition XSS Vulnerability | CVSS3: 4.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу