CVE-2024-20717

Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser wh...

Adobe Commerce 资源管理错误漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A resource management error vulnerability exists in Adobe Commerce version 2.4.6-p3 and prior to versions 2.4.5-p5 and 2.4.4-p6, which stems from the...

SQL Injection

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to SQL Injection due to improper neutralization of special elements used in an SQL command. An attacker can execute arbitrary code by injecting SQL commands without user...