0.001 Low
EPSS
Percentile
27.3%
magento/community-edition is vulnerable to cross-site scripting (XSS). The vulnerability exists due to the lack of sanitization on authenticated users’ ability to store product attributes.
magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13