CVE-2025-64174
CVE-2025-64174 concerns the OpenMage/magento-lts project. A stored XSS vulnerability affects versions 20.15.0 and earlier, allowing an admin (with direct database access or via the admin notification feed) to inject malicious scripts through unescaped translation strings and URLs rendered in app/...