Cross site scripting

2022-10-1420:15:00

PRIOn knowledge base

www.prio-n.com

cross site scripting

adobe commerce

stored cross-site scripting

2.4.4-p1

2.4.5

nvd

post-authentication

0.001 Low

EPSS

Percentile

29.2%

JSON

Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.

CPENameOperatorVersion
commerceeq2.4.4
commerceeq2.4.5
commerceeq2.4.4 p1
commercelt2.4.4
magento_open_sourcelt2.4.4
magento_open_sourceeq2.4.5
magento_open_sourceeq2.4.4 p1
magento_open_sourceeq2.4.4

Name	Operator	Version
commerce	eq	2.4.4
commerce	eq	2.4.5
commerce	eq	2.4.4 p1
commerce	lt	2.4.4
magento_open_source	lt	2.4.4
magento_open_source	eq	2.4.5
magento_open_source	eq	2.4.4 p1
magento_open_source	eq	2.4.4

References

helpx.adobe.com/security/products/magento/apsb22-48.html

0.001 Low

EPSS

Percentile

29.2%

JSON

Related for PRION:CVE-2022-35698