magento-lts 跨站脚本漏洞

magento-lts is an OpenMage open source reliable replacement for the official version of Magento CE. A cross-site scripting vulnerability exists in magento-lts versions prior to 20.12.3 and prior to 20.13.1, which stems from the presence of script execution in the admin panel that could lead to...

CVE-2020-35678

Autobahn|Python before 20.12.3 allows redirect header injection...