Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2025/11/07 8:56 p.m.4 views

CVE-2025-64174

Magento-lts is a long-term support alternative to Magento Community Edition CE. Versions 20.15.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts...

4.6CVSS5.7AI score0.00034EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/11/06 8:45 p.m.7 views

CVE-2025-64174 OpenMage is vulnerable to XSS in Admin Notifications

Magento-lts is a long-term support alternative to Magento Community Edition CE. Versions 20.15.0 and below are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts...

4.6CVSS0.00034EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/11/06 12:0 a.m.2 views

magento-lts 安全漏洞

magento-lts is an OpenMage open source reliable replacement for the official version of Magento CE. A security vulnerability exists in magento-lts version 20.15.0 and earlier, which stems from unescaped translation strings and URLs being printed to a specific context, potentially leading to a...

4.8CVSS5.8AI score0.00034EPSS
Exploits1References2
Rows per page
Query Builder