CVE-2020-9581
packagist/magento/community-edition
Cross-site Scripting
Magento has a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
All versions up to 1.9.4.4, all version starting from 1.14.4.0 up to 1.14.4.4, all versions starting from 2.2.0 up to 2.2.11, all versions starting from 2.3.0 up to 2.3.4
Upgrade to versions 1.9.4.5, 1.14.4.5, 2.3.5 or above.
2020-07-02
source |