Amasty Blog is a website page extension from Amasty. magento2 is an open source PHP e-commerce system. cross-site scripting vulnerability exists in Amasty Blog Pro version 2.10.5 before for Magento 2, which stems from the failure of the blog post creation function in the plugin to effectively filter the short_content and full_content fields. An attacker could use the vulnerability to inject JavaScript code to launch an XSS attack on the admin panel user via post (preview) or post (save).
CPE | Name | Operator | Version |
---|---|---|---|
amasty amasty blog pro for magento 2 | lt | 2.10.5 |