openmage/magento-lts Security Advisories for v20.1.1 (3)
-
[MEDIUM] Magento LTS vulnerable to stored Cross-site Scripting (XSS) in admin system configs
PKSA-w1pc-fvwg-8vsf CVE-2024-41676 GHSA-5vrp-638w-p8m2
Affected version: <20.10.1
Reported by:
GitHub -
[MEDIUM] Magento LTS vulnerable to stored XSS in admin file form
PKSA-7kjg-jm3v-dfw2 GHSA-gp6m-fq6h-cjcx
Affected version: <19.5.3|>=20.0.0,<20.5.0
Reported by:
GitHub -
[HIGH] Magento LTS vulnerable to Stored XSS via TinyMCE WYSIWYG Editor
PKSA-gyfx-x49w-8nbg GHSA-9j5w-2cqc-cwj9
Affected version: <20.2.0
Reported by:
GitHub