3 matches found
CVE-2019-8115
A reflected cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when adding an image for during simple product creation...
CVE-2019-8115
A reflected cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when adding an image for during simple product creation...
CVE-2019-8115
CVE-2019-8115 is a reflected XSS vulnerability in Magento Magento 2.2 (before 2.2.10) and 2.3 (before 2.3.3 or 2.3.2-p1). An authenticated admin can inject arbitrary JavaScript when adding an image during simple product creation. Root cause: input reflected in the image-attachment flow allows scr...