Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
H Improper Authorization	magento/community-edition<2.4.4-p9>=2.4.5-p1, <2.4.5-p8>=2.4.6-p1, <2.4.6-p6>=2.4.7-beta1, <2.4.7-p1	Composer	8 Aug 2024
H Server-Side Request Forgery (SSRF)	magento/community-edition<2.4.4-p9>=2.4.5-p1, <2.4.5-p8>=2.4.6-p1, <2.4.6-p6>=2.4.7-beta1, <2.4.7-p1	Composer	8 Aug 2024
C Improper Authentication	magento/community-edition<2.4.4-p9>=2.4.5-p1, <2.4.5-p8>=2.4.6-p1, <2.4.6-p6>=2.4.7-beta1, <2.4.7-p1	Composer	8 Aug 2024
C XML External Entity (XXE) Injection	magento/community-edition<2.4.4-p9>=2.4.5, <2.4.5-p8>=2.4.6, <2.4.6-p6>=2.4.7, <2.4.7-p1	Composer	14 Jun 2024
M Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	magento/community-edition>=2.1, <2.1.15>=2.2, <2.2.6	Composer	29 May 2024
M Insecure Defaults	magento/community-edition>=2.2.0, <2.2.10>=2.3.0, <2.3.3	Composer	19 Jul 2023
M Cross-site Scripting (XSS)	magento/community-edition<2.4.4-p2>=2.4.5, <2.4.5-p1	Composer	8 Dec 2022
H Improper Input Validation	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
M Improper Access Control	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
L Cross-site Scripting (XSS)	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
M Cross-site Scripting (XSS)	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
L Improper Authorization	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
H Improper Authorization	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
C Improper Input Validation	magento/community-edition<2.3.7-p3>=2.4.3, <2.4.3-p2	Composer	8 Dec 2022
M Improper Access Control	magento/community-edition<2.4.4-p2>=2.4.5, <2.4.5-p1	Composer	8 Dec 2022
H Improper Input Validation	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
H Path Traversal	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
C XML Injection	magento/community-edition<2.3.7-p4>=2.4.0, <2.4.3-p3>=2.4.4, <2.4.4-p1	Composer	8 Dec 2022
C Improper Input Validation	magento/community-edition>=0.0.0	Composer	20 Feb 2022
H Improper Input Validation	magento/community-edition>=2.3.3-p1, <2.3.7-p3>=2.4.0, <2.4.3-p2	Composer	14 Feb 2022
M Cross-site Request Forgery (CSRF)	magento/community-edition<2.3.7-p2>=2.4.0, <2.4.3-p1	Composer	13 Oct 2021
M Security Bypass	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
C Arbitrary Code Execution	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
H Denial of Service (DoS)	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
C Improper Authorization	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
C Arbitrary Code Execution	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
M Improper Authorization	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
H Privilege Escalation	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
M Cross-site Scripting (XSS)	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	12 Sept 2021
H XML Injection	magento/community-edition>=2.4.0, <2.4.2-p2<2.3.7-p1	Composer	11 Sept 2021

APPLICATION

OPERATING SYSTEM