Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:45663
HistoryFeb 28, 2024 - 6:29 a.m.

Cross-site Scripting (XSS)

2024-02-2806:29:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
magento
cross-site scripting
xss
vulnerability
input validation
form fields

AI Score

6.3

Confidence

High

Magento LTS is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to insufficient input validation on form fields within File.php. This allows a low-privileged attacker to inject malicious scripts, resulting in Cross-site Scripting (XSS).

AI Score

6.3

Confidence

High