CVE-2019-7877
CVE-2019-7877
A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manage orders can inject malicious javascript.
Affected products
n/a · Magento 2Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →