← back
CVE-2019-7899

CVE-2019-7899

EPSS 0.9%
Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
Affected products
n/a · Magento 1 Magento 2

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33