APSB24-18 : Security update available for Adobe Commerce

🗓️ 09 Apr 2024 00:00:00Reported by AdobeType

Security update for Adobe Commerce and Magento Open Sourc

Reporter	Title	Published	Views	Family All 14
OSV	BIT-magento-2024-20758	12 Apr 202407:21	–	osv
OSV	BIT-magento-2024-20759	12 Apr 202407:21	–	osv
Vulnrichment	CVE-2024-20759 Adobe Commerce \| Cross-site Scripting (Stored XSS) (CWE-79)	10 Apr 202411:49	–	vulnrichment
Vulnrichment	CVE-2024-20758 [Adobe Cloud] RCE through frontend gift registry sharing	10 Apr 202411:49	–	vulnrichment
Cvelist	CVE-2024-20759 Adobe Commerce \| Cross-site Scripting (Stored XSS) (CWE-79)	10 Apr 202411:49	–	cvelist
Cvelist	CVE-2024-20758 [Adobe Cloud] RCE through frontend gift registry sharing	10 Apr 202411:49	–	cvelist
Github Security Blog	Magento Open Source allows Cross-Site Scripting (XSS)	10 Apr 202415:30	–	github
Github Security Blog	Magento Open Source allows Improper Input Validation	10 Apr 202415:30	–	github
CVE	CVE-2024-20758	10 Apr 202412:15	–	cve
CVE	CVE-2024-20759	10 Apr 202412:15	–	cve

Vulners

Node

adobe adobe_commerceRange≤2.4.7-beta3

adobe adobe_commerceRange≤2.4.6-p4

adobe adobe_commerceRange≤2.4.5-p6

adobe adobe_commerceRange≤2.4.4-p7

adobe adobe_commerceRange≤2.4.3-ext

adobe adobe_commerceRange≤6

adobe adobe_commerceRange≤2.4.2-ext

adobe magento_open_sourceRange≤2.4.7-beta3

adobe magento_open_sourceRange≤2.4.6-p4

adobe magento_open_sourceRange≤2.4.5-p6

adobe magento_open_sourceRange≤2.4.4-p7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Apr 2024 00:00Current

8.4High risk

Vulners AI Score8.4

CVSS38.1 - 9

EPSS0.04616

SSVC