Magento 2 Community Edition CSRF vulnerability

A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

GHSA-77MV-P94F-QCQ4 Magento 2 Community Edition XSS Vulnerability

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with...

Magento 2 Community Edition XSS Vulnerability

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with...

CVE-2019-7944

A stored cross-site scripting vulnerability exists in the product comments field of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the Retur...

Magento encryption issue vulnerability (CNVD-2019-40837)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . An encryption issue vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...

Unspecified vulnerability in Magento (CNVD-2020-52448)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A security vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce versions prio...

Magento Cross-Site Scripting Vulnerability (CNVD-2019-26215)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in the admin panel in Magento Open Source versions prior to 1.9.4.2 a...

Magento cross-site scripting vulnerability (CNVD-2019-26239)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . A cross-site scripting vulnerability exists in the admin panel in Magento Open Source versions prior to 1.9.4.2...

Unspecified vulnerability in Magento (CNVD-2020-52453)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A security vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce versions...

Unspecified Vulnerability in Magento (CNVD-2020-52450)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A security vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce versions prio...

Magento Encryption Issues Vulnerabilities

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. An encryption issue vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...

Magento cross-site scripting vulnerability (CNVD-2019-26218)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A cross-site scripting vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerce...