CVE-2020-9691
published 2020-07-29CVE-2020-9691: Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to…
critical9.6CVSS 3.1
AVNACLPRNUIRSCCHIHAH
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | magento | — | — |
| magento | community-edition | >= 0 < 2.3.5-p2 | 2.3.5-p2 |
| magento | magento | < 2.3.5 | 2.3.5 |
| magento | magento | — | — |
| magento | project-community-edition | 0 – 2.0.2 | — |