CVE-2024-20719 in CommerceИнформация

Сводка

по MITRE • 15.02.2024

Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, that could be leveraged to gain admin access.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Раскрытие

15.02.2024

Модерация

принято

Вход

VDB-253711

EPSS

0.01307

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!