CVE-2021-28556

CVE-2021-28556

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is required for successful exploitation.

Source: CVE-2021-28556

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다