Vulnerabilities > Magento > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-06 | CVE-2019-8148 | Cross-site Scripting vulnerability in Magento 2.3.0/2.3.1/2.3.2 A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 4.8 |
2019-11-06 | CVE-2019-8147 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8146 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8143 | SQL Injection vulnerability in Magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 6.5 |
2019-11-06 | CVE-2019-8142 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8140 | Unrestricted Upload of File with Dangerous Type vulnerability in Magento An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 4.9 |
2019-11-06 | CVE-2019-8139 | Cross-site Scripting vulnerability in Magento 2.3.0/2.3.1/2.3.2 A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8138 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |
2019-11-06 | CVE-2019-8133 | Unspecified vulnerability in Magento A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 6.5 |
2019-11-06 | CVE-2019-8131 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 5.4 |