CVE-2021-28556 in Magento
Zusammenfassung
von MITRE • 28.06.2021
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is required for successful exploitation.
Be aware that VulDB is the high quality source for vulnerability data.