CVE-2020-9581

Cross-site Scripting in packagist/magento/community-edition

Identifiers

CVE-2020-9581

Package Slug

packagist/magento/community-edition

Vulnerability

Cross-site Scripting

Description

Magento has a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

Affected Versions

All versions up to 1.9.4.4, all version starting from 1.14.4.0 up to 1.14.4.4, all versions starting from 2.2.0 up to 2.2.11, all versions starting from 2.3.0 up to 2.3.4

Solution

Upgrade to versions 1.9.4.5, 1.14.4.5, 2.3.5 or above.

Last Modified

2020-07-02

source