Magento

Magento

222 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2019-7926

  • EPSS 0.11%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:57

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify node attributes t...

4.8

CVE-2019-7927

  • EPSS 0.11%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:57

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to edit product content pag...

7.5

CVE-2019-7928

  • EPSS 0.35%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:57

A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. By abusing insufficient brute-forcing defenses in the token exchange protocol, an unauthenticated attacker could di...

4.9

CVE-2019-7929

  • EPSS 0.06%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:57

An information leakage vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges may be able to view metadata of a trusted device used by another a...

9

CVE-2019-7930

  • EPSS 0.4%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:58

A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configuration file, ...

7.2

CVE-2019-7932

  • EPSS 0.9%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:58

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privil...

4.8

CVE-2019-7934

  • EPSS 0.11%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be ...

4.8

CVE-2019-7935

  • EPSS 0.11%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be ...

4.8

CVE-2019-7936

  • EPSS 0.11%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to modify content block tit...

4.8

CVE-2019-7937

  • EPSS 0.11%
  • Published 02.08.2019 22:15:18
  • Last modified 21.11.2024 04:48:58

A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with privileges to store product attributes...