CVE-2020-24408

🗓️ 16 Oct 2020 15:11:15Reported by [email protected]Type

Magento versions 2.4.0 and 2.3.5p1 affected by persistent XSS vulnerabilit

Reporter	Title	Published	Views	Family All 10
Cvelist	CVE-2020-24408 Stored XSS in customer address upload feature	16 Oct 202014:03	–	cvelist
CVE	CVE-2020-24408	16 Oct 202015:15	–	cve
Prion	Cross site scripting	16 Oct 202015:15	–	prion
Github Security Blog	Magento 2 Community Edition XSS Vulnerability	24 May 202217:31	–	github
OSV	BIT-magento-2020-24408	6 Mar 202411:07	–	osv
OSV	Magento 2 Community Edition XSS Vulnerability	24 May 202217:31	–	osv
OSV	CVE-2020-24408	16 Oct 202015:15	–	osv
Adobe	APSB20-59 Security updates available for Magento	15 Oct 202000:00	–	adobe
ThreatPost	Critical Magento Holes Open Online Shops to Code Execution	15 Oct 202020:59	–	threatpost
OpenVAS	Magento < 2.3.6, 2.4.x < 2.4.1 Multiple Vulnerabilities (APSB20-59)	23 Oct 202000:00	–	openvas

Nvd

Node

magento magentoRange≤2.3.4commerce

magento magentoRange≤2.3.4open_source

magento magentoMatch2.3.5-commerce

magento magentoMatch2.3.5-open_source

magento magentoMatch2.3.5p1commerce

magento magentoMatch2.3.5p1open_source

magento magentoMatch2.4.0commerce

magento magentoMatch2.4.0open_source

Source	Link
helpx	www.helpx.adobe.com/security/products/magento/apsb20-59.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Oct 2020 15:15Current

CVSS24.3

CVSS36.1

EPSS0.00084

CWE-79