CVE-2022-34253
- EPSS 37.19%
- Veröffentlicht 16.08.2022 21:15:09
- Zuletzt bearbeitet 21.11.2024 07:09:09
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve r...
- EPSS 93.49%
- Veröffentlicht 16.02.2022 17:15:13
- Zuletzt bearbeitet 23.10.2025 14:51:16
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitra...
CVE-2021-39864
- EPSS 0.86%
- Veröffentlicht 15.10.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 06:20:25
Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to ...