CVE-2016-10704
CVE-2016-10704 affects Magento Community Edition and Enterprise Edition before versions 2.0.10 (CE) and 2.1.x before 2.1.2. The issue is an XSS in email templates that is mishandled during preview (APPSEC-1503). Root cause: crafted input in email template preview can be reflected in rendered cont...