CVE-2021-28556 in Magentoinfo

Zusammenfassung

von MITRE • 28.06.2021

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is required for successful exploitation.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

16.03.2021

Veröffentlichung

28.06.2021

Moderieren

akzeptiert

Eintrag

VDB-177717

CPE

bereit

EPSS

0.01397

KEV

nein

Aktivitäten

very low

Quellen

Want to stay up to date on a daily basis?

Enable the mail alert feature now!