Lucene search
GoogleOSV:GHSA-9PGC-RVP9-RQV3HistoryMay 24, 2022 - 4:52 p.m.
Magento 2 Community Edition Information Disclosure
2022-05-2416:52:25
Google
osv.dev
8
0.001 Low
EPSS
Percentile
26.9%
An information disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to create email templates could leak sensitive data via a malicious email template.
References
github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7888.yaml
magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
nvd.nist.gov/vuln/detail/CVE-2019-7888
web.archive.org/web/20220121011306/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
Related
prion
prion
Information disclosure
2019-08-02 22:15:00
nvd
nvd
CVE-2019-7888
2019-08-02 22:15:16
cvelist
cvelist
CVE-2019-7888
2019-08-02 21:22:00
osv
osv
CVE-2019-7888
2019-08-02 22:15:16
github
github
Magento 2 Community Edition Information Disclosure
2022-05-24 16:52:25
cve
cve
CVE-2019-7888
2019-08-02 22:15:16
friendsofphp
friendsofphp
PRODSECBUG-2273: Sensitive data disclosure though malicious email templates
2019-06-25 00:00:00
openvas
openvas