Lucene search
GoogleOSV:GHSA-6988-G89M-27VFHistoryMay 24, 2022 - 5:41 p.m.
Magento stored cross-site scripting (XSS) in the customer address upload feature
2022-05-2417:41:56
Google
osv.dev
4
magento
xss
customer address upload
versions 2.4.1
2.4.0-p1
2.3.6
vulnerability
javascript execution
exploitation
user interaction
security advisory
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim’s browser. Exploitation of this issue requires user interaction.
Related
prion
prion
Cross site scripting
2021-02-11 20:15:00
cvelist
cvelist
osv
osv
BIT-magento-2021-21030
2024-03-06 10:59:40
CVE-2021-21030
2021-02-11 20:15:14
github
github
cve
cve
CVE-2021-21030
2021-02-11 20:15:14
nvd
nvd
CVE-2021-21030
2021-02-11 20:15:14
adobe
adobe
APSB21-08 Security updates available for Magento
2021-02-09 00:00:00
threatpost
threatpost
Attackers Exploit Critical Adobe Bug, Target Windows
2021-02-09 19:40:47