Magento

Magento

222 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2019-7926

  • EPSS 0.11%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:57

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify node attributes t...

4.8

CVE-2019-7927

  • EPSS 0.11%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:57

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit product content pag...

7.5

CVE-2019-7928

  • EPSS 0.35%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:57

A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could di...

4.9

CVE-2019-7929

  • EPSS 0.06%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:57

An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another a...

9

CVE-2019-7930

  • EPSS 0.4%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:58

A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, ...

7.2

CVE-2019-7932

  • EPSS 0.9%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:58

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privil...

4.8

CVE-2019-7934

  • EPSS 0.11%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be ...

4.8

CVE-2019-7935

  • EPSS 0.11%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be ...

4.8

CVE-2019-7936

  • EPSS 0.11%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content block tit...

4.8

CVE-2019-7937

  • EPSS 0.11%
  • Veröffentlicht 02.08.2019 22:15:18
  • Zuletzt bearbeitet 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to store product attributes...