Total vulnerabilities in the database
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact.
| Software | From | Fixed in |
|---|---|---|
| adobe / commerce | 2.3.7-p1 | 2.3.7-p1.x |
| adobe / commerce | 2.4.3 | 2.4.3.x |
| adobe / commerce | 2.3.7-p2 | 2.3.7-p2.x |
| adobe / commerce | 2.4.4 | 2.4.4.x |
| adobe / commerce | 2.3.7 | 2.3.7.x |
| adobe / commerce | 2.3.7-p3 | 2.3.7-p3.x |
| adobe / commerce | 2.4.5 | 2.4.5.x |
| adobe / commerce | 2.4.4-p1 | 2.4.4-p1.x |
| adobe / commerce | 2.4.5-p1 | 2.4.5-p1.x |
| adobe / commerce | 2.4.4-p2 | 2.4.4-p2.x |
| adobe / commerce | 2.4.5-p2 | 2.4.5-p2.x |
| adobe / commerce | 2.4.4-p3 | 2.4.4-p3.x |
| adobe / commerce | 2.4.6 | 2.4.6.x |
| adobe / magento | 2.4.4 | 2.4.4.x |
| adobe / magento | 2.4.4-p1 | 2.4.4-p1.x |
| adobe / magento | 2.4.4-p2 | 2.4.4-p2.x |
| adobe / magento | 2.4.4-p3 | 2.4.4-p3.x |
| adobe / magento | 2.4.5 | 2.4.5.x |
| adobe / magento | 2.4.5-p1 | 2.4.5-p1.x |
| adobe / magento | 2.4.5-p2 | 2.4.5-p2.x |
| adobe / magento | 2.4.6 | 2.4.6.x |
| adobe / commerce | 2.3.7-p4-ext2 | 2.3.7-p4-ext2.x |
| adobe / commerce | 2.3.7-p4-ext1 | 2.3.7-p4-ext1.x |
| adobe / commerce | 2.3.7-p4 | 2.3.7-p4.x |
| adobe / commerce | 2.4.0 | 2.4.0.x |
| adobe / commerce | 2.4.0-ext-1 | 2.4.0-ext-1.x |
| adobe / commerce | 2.4.0-ext-2 | 2.4.0-ext-2.x |
| adobe / commerce | 2.4.1 | 2.4.1.x |
| adobe / commerce | 2.4.1-ext-1 | 2.4.1-ext-1.x |
| adobe / commerce | 2.4.1-ext-2 | 2.4.1-ext-2.x |
| adobe / commerce | 2.4.2 | 2.4.2.x |
| adobe / commerce | 2.4.2-ext-1 | 2.4.2-ext-1.x |
| adobe / commerce | 2.4.2-ext-2 | 2.4.2-ext-2.x |
| adobe / commerce | 2.4.3-ext-2 | 2.4.3-ext-2.x |
| adobe / commerce | 2.4.3-ext-1 | 2.4.3-ext-1.x |
| adobe / commerce | 2.4.4-p4 | 2.4.4-p4.x |
| adobe / commerce | 2.4.5-p3 | 2.4.5-p3.x |
| adobe / commerce | 2.4.6-p1 | 2.4.6-p1.x |
| adobe / magento | 2.4.6-p2 | 2.4.6-p2.x |
| adobe / magento | 2.4.6-p1 | 2.4.6-p1.x |
| adobe / magento | 2.4.7-b1 | 2.4.7-b1.x |
| adobe / commerce | 2.4.5-p4 | 2.4.5-p4.x |
| adobe / magento | 2.4.5-p3 | 2.4.5-p3.x |
| adobe / magento | 2.4.5-p4 | 2.4.5-p4.x |
| adobe / commerce | 2.4.4-p5 | 2.4.4-p5.x |
| adobe / commerce | 2.4.7-b1 | 2.4.7-b1.x |
| adobe / commerce | 2.4.5-p5 | 2.4.5-p5.x |
| adobe / commerce | 2.4.6-p2 | 2.4.6-p2.x |
| adobe / commerce | 2.4.3-ext-4 | 2.4.3-ext-4.x |
| adobe / commerce | 2.4.3-ext-3 | 2.4.3-ext-3.x |
| adobe / commerce | 2.4.2-ext-4 | 2.4.2-ext-4.x |
| adobe / commerce | 2.4.2-ext-3 | 2.4.2-ext-3.x |
| adobe / commerce | 2.4.1-ext-4 | 2.4.1-ext-4.x |
| adobe / commerce | 2.4.1-ext-3 | 2.4.1-ext-3.x |
| adobe / commerce | 2.4.0-ext-4 | 2.4.0-ext-4.x |
| adobe / commerce | 2.4.0-ext-3 | 2.4.0-ext-3.x |
| adobe / commerce | 2.3.7-p4-ext4 | 2.3.7-p4-ext4.x |
| adobe / commerce | 2.3.7-p4-ext3 | 2.3.7-p4-ext3.x |