Vulnerabilities > Magento

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-02	CVE-2019-7923	Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-918	7.2
2019-08-02	CVE-2019-7921	Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the product catalog form of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-79	5.4
2019-08-02	CVE-2019-7915	Unspecified vulnerability in Magento A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento	7.5
2019-08-02	CVE-2019-7913	Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-918	7.2
2019-08-02	CVE-2019-7912	Unrestricted Upload of File with Dangerous Type vulnerability in Magento A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-434	7.2
2019-08-02	CVE-2019-7911	Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-918	7.2
2019-08-02	CVE-2019-7909	Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-79	4.8
2019-08-02	CVE-2019-7908	Cross-site Scripting vulnerability in Magento A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento CWE-79	4.8
2019-08-02	CVE-2019-7904	Unspecified vulnerability in Magento Insufficient enforcement of user access controls in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could enable a low-privileged user to make unauthorized environment configuration changes. network low complexity magento	6.5
2019-08-02	CVE-2019-7903	Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. network low complexity magento	7.2

Vulnerabilities > Magento {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Magento"}]}

Vulnerabilities > Magento