CVE-2019-7921
Magento 2.x cross-site scripting vulnerability CVE-2019-7921 affects the product catalog form and can be exploited by an authenticated user with catalog privileges to inject JavaScript. Affected versions are Magento 2.1 before 2.1.18, 2.2 before 2.2.9, and 2.3 before 2.3.2. The issue is fixed by ...