4 matches found
CVE-2019-12186
An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x through 1.1.18, 1.2.x through 1.2.17, 1.3.x through...
CVE-2019-12186
Summary: CVE-2019-12186 describes a Cross-Site Scripting (XSS) issue in Sylius grid rendering. The vulnerability stems from missing input sanitization in Sylius core components (sylius/sylius) and the grid bundle, allowing an attacker to inject malicious code via a field displayed in a grid with ...
CVE-2019-12186: XSS injection in the Grid component
More info at https://sylius.com/blog/cve-2019-12186/...
CVE-2019-12186: XSS injection in the Grid component
More info at https://sylius.com/blog/cve-2019-12186/...