Lucene search
GoogleOSV:GHSA-8578-MMF4-F327HistoryMay 24, 2022 - 4:52 p.m.
Magento 2 Community Edition Cross-site Scripting Vulnerability
2022-05-2416:52:24
Google
osv.dev
1
0.001 Low
EPSS
Percentile
27.8%
A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of the store design schedule.
References
github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7873.yaml
magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
nvd.nist.gov/vuln/detail/CVE-2019-7873
web.archive.org/web/20220121011306/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
Related
cve
cve
CVE-2019-7873
2019-08-02 22:15:16
cvelist
cvelist
CVE-2019-7873
2019-08-02 21:17:53
nvd
nvd
CVE-2019-7873
2019-08-02 22:15:16
github
github
Magento 2 Community Edition Cross-site Scripting Vulnerability
2022-05-24 16:52:24
osv
osv
CVE-2019-7873
2019-08-02 22:15:16
prion
prion
Cross site request forgery (csrf)
2019-08-02 22:15:00
friendsofphp
friendsofphp
openvas
openvas