Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2024-20759

Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Confidentiality and integrity are considered high due to having admin impact.

  • Published: Apr 10, 2024
  • Updated: Apr 11, 2024
  • CVE: CVE-2024-20759
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.1
  • AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
adobe / commerce 2.3.7-p1 2.3.7-p1.x
adobe / commerce 2.4.3-p1 2.4.3-p1.x
adobe / commerce 2.4.2-p2 2.4.2-p2.x
adobe / commerce 2.4.2-p1 2.4.2-p1.x
adobe / commerce 2.4.3 2.4.3.x
adobe / commerce 2.3.7-p2 2.3.7-p2.x
adobe / commerce 2.3.7 2.3.7.x
adobe / commerce 2.3.7-p3 2.3.7-p3.x
adobe / commerce 2.4.3-p2 2.4.3-p2.x
adobe / commerce 2.4.4 2.4.4.x
adobe / commerce 2.4.4-p1 2.4.4-p1.x
adobe / commerce 2.4.4-p2 2.4.4-p2.x
adobe / commerce 2.4.4-p3 2.4.4-p3.x
adobe / commerce 2.4.5 2.4.5.x
adobe / commerce 2.4.5-p1 2.4.5-p1.x
adobe / commerce 2.4.5-p2 2.4.5-p2.x
adobe / commerce 2.4.6 2.4.6.x
adobe / magento 2.4.4 2.4.4.x
adobe / commerce 2.3.7-p4 2.3.7-p4.x
adobe / commerce 2.3.7-p4-ext1 2.3.7-p4-ext1.x
adobe / commerce 2.3.7-p4-ext2 2.3.7-p4-ext2.x
adobe / commerce 2.4.0 2.4.0.x
adobe / commerce 2.4.0-ext-1 2.4.0-ext-1.x
adobe / commerce 2.4.0-ext-2 2.4.0-ext-2.x
adobe / commerce 2.4.1 2.4.1.x
adobe / commerce 2.4.1-ext-1 2.4.1-ext-1.x
adobe / commerce 2.4.1-ext-2 2.4.1-ext-2.x
adobe / commerce 2.4.2 2.4.2.x
adobe / commerce 2.4.2-ext-1 2.4.2-ext-1.x
adobe / commerce 2.4.2-ext-2 2.4.2-ext-2.x
adobe / commerce 2.4.3-ext-1 2.4.3-ext-1.x
adobe / commerce 2.4.3-ext-2 2.4.3-ext-2.x
adobe / commerce 2.4.4-p4 2.4.4-p4.x
adobe / commerce 2.4.5-p3 2.4.5-p3.x
adobe / commerce 2.4.6-p1 2.4.6-p1.x
adobe / magento 2.4.4-p1 2.4.4-p1.x
adobe / magento 2.4.4-p2 2.4.4-p2.x
adobe / magento 2.4.4-p3 2.4.4-p3.x
adobe / magento 2.4.5 2.4.5.x
adobe / magento 2.4.5-p1 2.4.5-p1.x
adobe / magento 2.4.5-p2 2.4.5-p2.x
adobe / magento 2.4.6 2.4.6.x
adobe / commerce 2.3.7-p4-ext3 2.3.7-p4-ext3.x
adobe / commerce 2.3.7-p4-ext4 2.3.7-p4-ext4.x
adobe / commerce 2.4.0-ext-3 2.4.0-ext-3.x
adobe / commerce 2.4.0-ext-4 2.4.0-ext-4.x
adobe / commerce 2.4.1-ext-3 2.4.1-ext-3.x
adobe / commerce 2.4.1-ext-4 2.4.1-ext-4.x
adobe / commerce 2.4.2-ext-3 2.4.2-ext-3.x
adobe / commerce 2.4.2-ext-4 2.4.2-ext-4.x
adobe / commerce 2.4.2-ext-6 2.4.2-ext-6.x
adobe / commerce 2.4.3-ext-3 2.4.3-ext-3.x
adobe / commerce 2.4.3-ext-4 2.4.3-ext-4.x
adobe / commerce 2.4.3-ext-6 2.4.3-ext-6.x
adobe / commerce 2.4.4-p5 2.4.4-p5.x
adobe / commerce 2.4.4-p6 2.4.4-p6.x
adobe / commerce 2.4.4-p7 2.4.4-p7.x
adobe / commerce 2.4.5-p4 2.4.5-p4.x
adobe / commerce 2.4.5-p5 2.4.5-p5.x
adobe / commerce 2.4.5-p6 2.4.5-p6.x
adobe / commerce 2.4.6-p2 2.4.6-p2.x
adobe / commerce 2.4.6-p3 2.4.6-p3.x
adobe / commerce 2.4.6-p4 2.4.6-p4.x
adobe / commerce 2.4.7 2.4.7.x
adobe / commerce 2.4.7-b1 2.4.7-b1.x
adobe / commerce 2.4.7-b2 2.4.7-b2.x
adobe / commerce 2.4.7-beta3 2.4.7-beta3.x
adobe / magento 2.4.4-p4 2.4.4-p4.x
adobe / magento 2.4.4-p5 2.4.4-p5.x
adobe / magento 2.4.4-p6 2.4.4-p6.x
adobe / magento 2.4.4-p7 2.4.4-p7.x
adobe / magento 2.4.5-p3 2.4.5-p3.x
adobe / magento 2.4.5-p4 2.4.5-p4.x
adobe / magento 2.4.5-p5 2.4.5-p5.x
adobe / magento 2.4.5-p6 2.4.5-p6.x
adobe / magento 2.4.6-p1 2.4.6-p1.x
adobe / magento 2.4.6-p2 2.4.6-p2.x
adobe / magento 2.4.6-p3 2.4.6-p3.x
adobe / magento 2.4.6-p4 2.4.6-p4.x
adobe / magento 2.4.7 2.4.7.x
adobe / magento 2.4.7-b1 2.4.7-b1.x
adobe / magento 2.4.7-b2 2.4.7-b2.x
adobe / magento 2.4.7-beta3 2.4.7-beta3.x