Lucene search
+L

4 matches found

github
github
added 2026/01/14 9:46 p.m.19 views

Algolia Search & Discovery for Magento 2 Has Untrusted Data Handling

Impact Versions of the Algolia Search & Discovery extension for Magento 2 prior to 3.17.2 and 3.16.2 contain a vulnerability where data read from the database was treated as a trusted source during job execution. If an attacker is able to modify records used by the extension’s indexing queue, thi...

7.1AI score
Exploits0References4Affected Software1
snyk
snyk
added 2026/01/14 9:46 p.m.9 views

Arbitrary Code Injection

Overview algolia/algoliasearch-magento-2 is an Algolia Search & Discovery extension for Magento 2 Affected versions of this package are vulnerable to Arbitrary Code Injection via the job execution process. An attacker can execute arbitrary PHP code by injecting malicious data into the database...

7.7CVSS8AI score
Exploits0References2
osv
osv
added 2026/01/14 9:46 p.m.4 views

GHSA-595P-G7XC-C333 Algolia Search & Discovery for Magento 2 Has Untrusted Data Handling

Impact Versions of the Algolia Search & Discovery extension for Magento 2 prior to 3.17.2 and 3.16.2 contain a vulnerability where data read from the database was treated as a trusted source during job execution. If an attacker is able to modify records used by the extension’s indexing queue, thi...

6.9CVSS5.8AI score
Exploits0References4
gitlab
gitlab
added 2026/01/14 12:0 a.m.11 views

Algolia Search & Discovery for Magento 2 Has Untrusted Data Handling

Versions of the Algolia Search & Discovery extension for Magento 2 prior to 3.17.2 and 3.16.2 contain a vulnerability where data read from the database was treated as a trusted source during job execution. If an attacker is able to modify records used by the extension’s indexing queue, this could...

7AI score
Exploits0References5Affected Software1
Rows per page
Query Builder