Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2024-06-13T09:04:57.617Z

Updated: 2024-08-02T02:42:59.883Z

Reserved: 2024-04-30T19:50:50.901Z

Link: CVE-2024-34105

cve-icon Vulnrichment

Updated: 2024-08-02T02:42:59.883Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-13T09:15:11.340

Modified: 2024-07-09T15:34:26.507

Link: CVE-2024-34105

cve-icon Redhat

No data.