Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-06-13T09:04:57.617Z
Updated: 2024-08-02T02:42:59.883Z
Reserved: 2024-04-30T19:50:50.901Z
Link: CVE-2024-34105
Vulnrichment
Updated: 2024-08-02T02:42:59.883Z
NVD
Status : Modified
Published: 2024-06-13T09:15:11.340
Modified: 2024-11-21T09:18:06.520
Link: CVE-2024-34105
Redhat
No data.