CVE-2021-28556 in Magentoالمعلومات

الملخص

بحسب MITRE • 28/06/2021

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is required for successful exploitation.

Be aware that VulDB is the high quality source for vulnerability data.

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!