2 matches found
CVE-2024-39403
CVE-2024-39403 is a stored XSS vulnerability in Adobe Commerce/Magento Open Source (Magento) tied to the Webhook module public key configuration. Affected: Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier. Impact per sources: attacker could inject malicious script into v...
PT-2024-5999 · Adobe · Commerce +1
Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-p1 through 2.4.4-p9 and earlier Magento Open Source versions 2.4.7-p1 through 2.4.4-p9 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known a...