CVE-2023-23617
published 2023-01-28


Priority: P338 | high | 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.99% (58.0th percentile)
OpenMage LTS is an e-commerce platform. Versions prior to 19.4.22 and 20.0.19 contain an infinite loop in the malicious code filter under certain conditions. Versions 19.4.22 and 20.0.19 have a fix for this issue. There are no known workarounds.

Affected

6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openmage | magento | < 19.4.22 | 19.4.22 |
| openmage | magento | >= 20.0.0 < 20.0.19 | 20.0.19 |
| openmage | magento-lts | < 19.4.22 | 19.4.22 |
| openmage | magento-lts | | |
| openmage | magento-lts | >= 0 < 19.4.22 | 19.4.22 |
| openmage | magento-lts | >= 20.0.0 < 20.0.19 | 20.0.19 |