Vulnerabilities > Magento
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-06 | CVE-2019-8153 | Cross-site Scripting vulnerability in Magento A mitigation bypass to prevent cross-site scripting (XSS) exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 6.1 |
2019-11-06 | CVE-2019-8152 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8151 | Server-Side Request Forgery (SSRF) vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 7.2 |
2019-11-06 | CVE-2019-8150 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-06 | CVE-2019-8149 | Insufficient Session Expiration vulnerability in Magento Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 9.8 |
2019-11-06 | CVE-2019-8148 | Cross-site Scripting vulnerability in Magento 2.3.0/2.3.1/2.3.2 A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 4.8 |
2019-11-06 | CVE-2019-8147 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8146 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8144 | Unspecified vulnerability in Magento 2.3.0/2.3.1/2.3.2 A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 9.8 |
2019-11-06 | CVE-2019-8143 | SQL Injection vulnerability in Magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 6.5 |