Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-06-13T09:04:57.617Z
Updated: 2024-08-02T02:42:59.883Z
Reserved: 2024-04-30T19:50:50.901Z
Link: CVE-2024-34105
Vulnrichment
Updated: 2024-08-02T02:42:59.883Z
NVD
Status : Analyzed
Published: 2024-06-13T09:15:11.340
Modified: 2024-07-09T15:34:26.507
Link: CVE-2024-34105
Redhat
No data.