Magento 2 Community Edition Cross-site Scripting Vulnerability

🗓️ 24 May 2022 16:52:28Reported by GitHub Advisory DatabaseType

Magento 2 XSS Vulnerability in Admin Pane

Reporter	Title	Published	Views	Family All 10
CVE	CVE-2019-7940	2 Aug 201921:33	–	cve
Cvelist	CVE-2019-7940	2 Aug 201921:33	–	cvelist
EUVD	EUVD-2019-17404	7 Oct 202500:30	–	euvd
Friends Of PHP	PRODSECBUG-2371: Stored cross-site scripting in the admin panel	25 Jun 201900:00	–	friendsofphp
Friends Of PHP	PRODSECBUG-2371: Stored cross-site scripting in the admin panel	25 Jun 201900:00	–	friendsofphp
Friends Of PHP	PRODSECBUG-2371: Stored cross-site scripting in the admin panel	25 Jun 201900:00	–	friendsofphp
NVD	CVE-2019-7940	2 Aug 201922:15	–	nvd
OpenVAS	Magento 2.1.x < 2.1.18, 2.2.x < 2.2.9, 2.3.x < 2.3.2 Multiple Vulnerabilities (Jun 2019)	4 Jul 201900:00	–	openvas
Prion	Cross site scripting	2 Aug 201922:15	–	prion
RedhatCVE	CVE-2019-7940	22 May 202505:25	–	redhatcve

Vulners

Node

magento community-editionRange2.3.0–2.3.2composer

magento community-editionRange2.2.0–2.2.9composer

magento community-editionRange2.1.0–2.1.18composer

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-7940
web	www.web.archive.org/web/20220127030535/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-24
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7940.yaml
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7940.yaml
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7940.yaml
magento	www.magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23
github	www.github.com/advisories/GHSA-cgm7-gjhw-rrf6