Lucene search
K

4 matches found

OSV
OSV
added 2021/02/11 8:15 p.m.22 views

CVE-2021-21029

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required...

4.8CVSS6.3AI score
Exploits0References1
CVE
CVE
added 2021/02/11 7:29 p.m.86 views

CVE-2021-21029

Summary of CVE-2021-21029 (Magento) Affected software: Magento Commerce / Magento Open Source (Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier, 2.3.6 and earlier). Vulnerability: Reflected Cross-site Scripting via the parameter. Successful exploitation could lead to arbitrary JavaScript...

4.8CVSS4.8AI score0.84674EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/11 7:29 p.m.26 views

CVE-2021-21029 Magento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript Execution

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required...

4.8CVSS5.1AI score0.84674EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2021/02/10 12:0 a.m.270 views

Adobe Magento Commerce Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected Cross-Site Scripting XSS product: Adobe Magento Commerce vulnerable version: 2.4.2 fixed version: 2.4.2 CVE number: CVE-2021-21029 impact: Medium homepage:...

0.84674EPSS
Exploits1
Rows per page
Query Builder