3 matches found
CVE-2019-8227
In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML...
CVE-2019-8227
In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML...
CVE-2019-8227
CVE-2019-8227 affects Magento prior to 1.9.4.3 and prior to 1.14.4.3. An authenticated user with limited administrative privileges can inject arbitrary JavaScript through the import/export profile action XML functionality. This is a cross-site scripting issue in the web interface, with exploitati...