Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
2020-07-22T20:15:12.157
2024-11-21T05:41:03.547
Modified
CVSSv3.1: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | magento | magento | ≤ 1.9.4.5 | Yes |
Application | magento | magento | ≤ 1.14.4.5 | Yes |