3 matches found
CVE-2019-8228
creationtimestamp| type| source ---|---|--- 2024-02-04 16:16:25+00:00| seen| https://t.me/ctinow/178866...
CVE-2019-8228
in Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code into transactional email page when creating a new email template or editing existing email template...
CVE-2019-8228
The CVE-2019-8228 entry concerns Magento versions prior to 1.9.4.3 and 1.14.4.3, where an authenticated user with limited admin privileges can inject arbitrary JavaScript into the transactional email page when creating or editing email templates. The vulnerability appears to be an XSS issue withi...