Vulnerabilities > Adobe > Magento Open Source > 2.4.3

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2022-24093 Improper Input Validation vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability.
network
low complexity
adobe CWE-20
7.2
7.2
2022-10-14 CVE-2022-35689 Unspecified vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe
5.3
5.3
2022-10-14 CVE-2022-35698 Cross-site Scripting vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2021-10-15 CVE-2021-39864 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link.
network
adobe CWE-352
4.3
4.3