Adobe - Magento Open Source CVE

Filtered by vendor Adobe Subscribe

Filtered by product Magento Open Source

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-36020	1 Adobe	2 Adobe Commerce, Magento Open Source	2021-09-08	7.5 HIGH	9.8 CRITICAL
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution.

Vulnerabilities (CVE)