Количество 2
Количество 2
CVE-2019-7944
A stored cross-site scripting vulnerability exists in the product comments field of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the Return Product comments field can inject malicious javascript.
GHSA-3mxq-v9rw-m6x9
Magento 2 Community Edition XSS Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-7944 A stored cross-site scripting vulnerability exists in the product comments field of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the Return Product comments field can inject malicious javascript. | CVSS3: 5.4 | 0% Низкий | больше 6 лет назад |
| GHSA-3mxq-v9rw-m6x9 Magento 2 Community Edition XSS Vulnerability | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу