GHSA-GJJM-4X3G-3H33 Magento 2 Community Edition XSS Vulnerability

A stored cross-site scripting XSS vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary Javascript code into the dynamic block when invoking page builder on a product...

CVE-2019-8139

A stored cross-site scripting XSS vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary Javascript code into the dynamic block when invoking page builder on a product...

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary Javascript code into the dynamic block when invoking page builder on a product...

SA-CONTRIB-2012-016 - Forward module CSRF and Access bypass

The Forward module enables you to add a "forward this page" link to each node. The link takes regular site visitors to a form where they can generate an email to a friend. The module exhibits multiple vulnerabilities as described below. The module includes "Recent forwards" and "Most forwarded"...

Polymorphic XOR Additive Feedback Encoder

This encoder implements a polymorphic XOR additive feedback encoder. The decoder stub is generated based on dynamic instruction substitution and dynamic block ordering. Registers are also selected dynamically. This module requires Metasploit: https://metasploit.com/download Current source:...