5 matches found
CVE-2019-8153
A mitigation bypass to prevent cross-site scripting XSS exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in an attacker being able to bypass the escapeURL function and execute a malicious XSS payload...
CVE-2019-8153
creationtimestamp| type| source ---|---|--- 2024-02-04 15:51:15+00:00| seen| Telegram/ZMXzUlTZHjpltj1FawR1cV-WQ6M0056W4V7aeQSPGqPcXPXa...
CVE-2019-8153
A mitigation bypass to prevent cross-site scripting XSS exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in an attacker being able to bypass the escapeURL function and execute a malicious XSS payload...
CVE-2019-8153
A mitigation bypass to prevent cross-site scripting XSS exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in an attacker being able to bypass the escapeURL function and execute a malicious XSS payload...
CVE-2019-8153
The CVE-2019-8153 entry describes a mitigation bypass that allows bypassing Magento’s escapeURL() and executing a malicious XSS payload. Affected are Magento 2.2 versions before 2.2.10 and Magento 2.3 versions before 2.3.3 or 2.3.2-p1. Impact is client-facing XSS due to bypassed URL escaping; CVS...