Lucene search
K

184 matches found

Github Security Blog
Github Security Blog
added 2024/02/27 9:47 p.m.83 views

Magento LTS vulnerable to stored XSS in admin file form

Summary OpenMage is affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Details MageAdminhtmlBlockSystemConfigFormFieldFile does not escape filename value in certain situations. Same...

5.4CVSS5.4AI score0.00442EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/08 12:0 a.m.5 views

PT-2023-33004 · Tinymce +1 · Tinymce +1

Name of the Vulnerable Software and Affected Versions: TinyMCE versions prior to 20.2.0 OpenMage magento-lts versions prior to 20.2.0 Description: The TinyMCE WYSIWYG editor fails to filter scripts when rendering HTML in specially crafted HTML tags, allowing for potential exploitation. This issue...

7.5CVSS7AI score
Exploits0References6
NVD
NVD
added 2023/09/11 10:15 p.m.44 views

CVE-2023-41879

Magento LTS is the official OpenMage LTS codebase. Guest orders may be viewed without authentication using a "guest-view" cookie which contains the order's "protectcode". This code is 6 hexadecimal characters which is arguably not enough to prevent a brute-force attack. Exposing each order would...

7.5CVSS7.6AI score0.00823EPSS
Exploits1References5
Prion
Prion
added 2023/09/11 10:15 p.m.16 views

Authentication flaw

Magento LTS is the official OpenMage LTS codebase. Guest orders may be viewed without authentication using a "guest-view" cookie which contains the order's "protectcode". This code is 6 hexadecimal characters which is arguably not enough to prevent a brute-force attack. Exposing each order would...

5CVSS7.6AI score0.00823EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2023/09/11 9:14 p.m.60 views

CVE-2023-41879

CVE-2023-41879 affects Magento OpenMage LTS (Magento LTS) where a guest-order retrieval cookie, guest-view, contains a 6-hex-protect_code. The short entropy (24 bits) enables brute-forcing to view guest orders without authentication, exposing billing/shipping data and order items. Multiple source...

7.5CVSS7.5AI score0.00823EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/09/11 9:14 p.m.33 views

CVE-2023-41879 Magento LTS's guest order "protect code" can be brute-forced too easily

Magento LTS is the official OpenMage LTS codebase. Guest orders may be viewed without authentication using a "guest-view" cookie which contains the order's "protectcode". This code is 6 hexadecimal characters which is arguably not enough to prevent a brute-force attack. Exposing each order would...

7.5CVSS7.5AI score0.00823EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2023/09/11 8:45 p.m.29 views

Magento LTS's guest order "protect code" can be brute-forced too easily

Impact Guest orders may be viewed without authentication using a "guest-view" cookie which contains the order's "protectcode". This code is 6 hexadecimal characters which is arguably not enough to prevent a brute-force attack. Exposing each order would require a separate brute force attack. Patch...

7.5CVSS7.1AI score0.00823EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2023/09/11 12:0 a.m.5 views

OpenMage Magento Lts Security Feature Issue Vulnerability

OpenMage Magento Lts Magento is an e-commerce system organized by OpenMage. A security signature issue vulnerability exists in OpenMage Magento Lts that originates from allowing to view visitor orders without authentication...

7.5CVSS6.8AI score0.00823EPSS
Exploits1References6
Veracode
Veracode
added 2023/02/22 8:4 a.m.15 views

Remote Code Execution (RCE)

openmage/magento-lts is vulnerable to Remote Code Execution RCE. The vulnerability exists due to insufficient input validation which allows an administrator with upload file permission to create products which results in arbitrary code execution via the convert profile...

7.2CVSS5.8AI score0.01235EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2023/02/16 9:3 a.m.20 views

Remote Code Execution

openmage/magento-lts is vulnerable to Remote Code Execution. The vulnerability exists in the deleteDirectory function in Storage.php which allows an attacker to delete arbitrary files and execute arbitrary code into the server...

7.2CVSS5.3AI score0.01293EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2023/02/02 4:51 a.m.28 views

Remote Code Execution (RCE)

openmage/magento-lts is vulnerable to Remote Code Execution RCE. The vulnerability exists due to the lack of validation in the $this, $callback, and $alias parameters in the getChildGroup function of Abstract.php, allowing an attacker to bypass the block blacklist and inject and execute malicious...

8.8CVSS6.8AI score0.01166EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2023/02/02 3:29 a.m.23 views

Denial Of Service (DoS)

openmage/magento-lts is vulnerable to Denial Of Service DoS. The vulnerability exists in the filter function of MaliciousCode.php, allowing an attacker to cause an application crash through an infinite loop by providing malicious input...

7.5CVSS7.1AI score0.00986EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2023/01/28 12:15 a.m.45 views

CVE-2023-23617

OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds...

7.5CVSS5.9AI score0.00986EPSS
Exploits0References4
Prion
Prion
added 2023/01/28 12:15 a.m.17 views

Code injection

OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds...

5CVSS7.5AI score0.00986EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/27 11:24 p.m.8 views

CVE-2023-23617 OpenMage LTS has DoS vulnerability in MaliciousCode filter

OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds...

4.9CVSS6.5AI score0.00986EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/01/27 11:24 p.m.41 views

CVE-2023-23617 OpenMage LTS has DoS vulnerability in MaliciousCode filter

OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds...

4.9CVSS7.7AI score0.00986EPSS
Exploits0References4
CVE
CVE
added 2023/01/27 11:24 p.m.82 views

CVE-2023-23617

OpenMage LTS (OpenMage Magento LTS) is affected by CVE-2023-23617. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in the MaliciousCode filter under certain conditions, enabling a Denial of Service. The fixed releases are 19.4.22 and 20.0.19, which address this issue. Other connect...

7.5CVSS6.2AI score0.00986EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/01/27 11:24 p.m.25 views

CVE-2023-23617 OpenMage LTS has DoS vulnerability in MaliciousCode filter

OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in malicious code filter in certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds...

4.9CVSS7.5AI score0.00986EPSS
Exploits0References6
NVD
NVD
added 2023/01/27 7:15 p.m.63 views

CVE-2021-41231

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue...

7.2CVSS7.3AI score0.01235EPSS
Exploits0References4
OSV
OSV
added 2023/01/27 7:15 p.m.19 views

CVE-2021-41231

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue...

7.2CVSS7.3AI score
Exploits0References4
Rows per page
Query Builder