Total
103 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35698 | 1 Adobe | 2 Commerce, Magento Open Source | 2024-02-28 | N/A | 5.4 MEDIUM |
| Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution. | |||||
| CVE-2022-24086 | 2 Adobe, Magento | 2 Commerce, Magento | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. | |||||
| CVE-2021-39864 | 1 Adobe | 2 Commerce, Magento Open Source | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. | |||||