CVE-2019-7909

4.8MEDIUM

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to

发布于: 8/2/2019更新于: 11/21/2024
在NVD查看在MITRE查看

描述

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to email templates.

AI分析AI驱动

受影响产品

magentomagento
magentomagento
magentomagento
magentomagento
magentomagento

参考资料