4287 matches found
Improper Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Authorization via improper authorization checks in the access control process. An attacker can gain unauthorized write access by tricking a user into visiting a...
Cross-site Scripting (XSS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the form fields. An attacker can execute arbitrary JavaScript in the context of a victim's browser by injecting malicious scripts, potentially...
Cross-site Scripting (XSS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the form fields process. An attacker can execute arbitrary JavaScript in the context of another user's browser session by injecting malicious...
Dependency on Vulnerable Third-Party Component
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Dependency on Vulnerable Third-Party Component through the use of a vulnerable third-party component. An attacker can cause the application to crash by sending specially...
Out-of-bounds Read
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Out-of-bounds Read in the input validation process. An attacker can gain unauthorized write access by tricking a user with high privileges into visiting a maliciously craft...
Dependency on Vulnerable Third-Party Component
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Dependency on Vulnerable Third-Party Component due to the use of a vulnerable third-party component. An attacker can cause the application to crash by sending specially...
APSB26-49 : Security update available for Adobe Commerce
Adobe has released a security update for Adobe Commerce and Magento Open Source. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, arbitrary file system write, application denial-of-service, and security feature...
Magento LTS: Reflected XSS - Import -> Data Flow (profiles)
A reflected XSS vulnerability was found under admin panel - System - Import/Export - Dataflow - Profiles. Steps to produce + Login to the admin panel + Go to the path System - Import/Export - Dataflow - Profiles + Select profile direction as Import. + Click on Import Customers + Upload the file...
GHSA-X8JV-Q8J2-487C Magento LTS: Reflected XSS - Import -> Data Flow (profiles)
A reflected XSS vulnerability was found under admin panel - System - Import/Export - Dataflow - Profiles. Steps to produce + Login to the admin panel + Go to the path System - Import/Export - Dataflow - Profiles + Select profile direction as Import. + Click on Import Customers + Upload the file...
Cross-site Scripting (XSS)
Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the run process in the admin panel's import/export data flow profiles. An attacker can execute arbitrary scrip...
GHSA-QPGQ-5G92-J5Q8 Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()`
Summary MageProductAlertAddController::stockAction reads the uenc query parameter and passes it directly to $this-redirectUrl$backUrl without calling $this-isUrlInternal When the supplied productid does not match any catalog product, the server issues an unvalidated HTTP 302 redirect to whatever...
Magento LTS Vulnerable to Open Redirect via Unvalidated `uenc` Parameter in `stockAction()`
Summary MageProductAlertAddController::stockAction reads the uenc query parameter and passes it directly to $this-redirectUrl$backUrl without calling $this-isUrlInternal When the supplied productid does not match any catalog product, the server issues an unvalidated HTTP 302 redirect to whatever...
Open Redirect
Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Open Redirect via the stockAction process. An attacker can redirect authenticated users to arbitrary external websites by supplying a craft...
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG in the start function. An attacker can gain unauthorized access to active...
PT-2026-35236
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Adobe Commerce/Magento affected versions not specified Description An inappropriate implementation in FoldableAPIs allows a remote attacker who has compromised the renderer process to bypass site...
EUVD-2026-23903
OpenMage LTS: Cross-user wishlist import leads to private option & file disclosure...
OpenMage LTS has a Path Traversal Filter Bypass in Dataflow Module
The Dataflow module in OpenMage LTS uses a weak blacklist filter strreplace'../', '', $input to prevent path traversal attacks. This filter can be bypassed using patterns like ..././ or ....//, which after the replacement still result in ../. An authenticated administrator can exploit this to rea...
Directory Traversal
Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Directory Traversal through the files request parameter in the dataflow import parsers. An attacker with administrative privileges can read...
Missing Authorization
Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Missing Authorization through the MageWishlistSharedController shared wishlist item flow. An attacker can access or manipulate wishlist ite...
Arbitrary File Upload
Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Arbitrary File Upload due to an incomplete blocklist in the file upload process. An attacker can execute arbitrary code on the server by...