CVE-2019-7868
Magento 2: A stored cross-site scripting (XSS) vulnerability exists in the admin panel for Magento 2.1 before 2.1.18, 2.2 before 2.2.9, and 2.3 before 2.3.2. It can be exploited by an authenticated user who has permissions to manage tax rules. Impact details in the connected Red Hat advisory conf...