Magento Community-Edition vulnerabilities

CVE-2019-7889 [MEDIUM] CWE-74 Magento 2 Community Edition Injection Vulnerability Magento 2 Community Edition Injection Vulnerability An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data of the underlying model followed by corresponding database modificati

CVE-2019-7925 [MEDIUM] CWE-22 Magento Insecure Direct Object Reference (IDOR) vulnerability Magento Insecure Direct Object Reference (IDOR) vulnerability An insecure direct object reference (IDOR) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products folder.

CVE-2019-7947 [MEDIUM] CWE-352 Magento 2 Community Edition CSRF vulnerability Magento 2 Community Edition CSRF vulnerability A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.

CVE-2019-7869 [MEDIUM] CWE-79 Magento Stored Cross-site Scripting vulnerability in the admin panel Magento Stored Cross-site Scripting vulnerability in the admin panel A stored cross-site scripting vulnerability exists in the admin panel of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with permissions to manage customer groups.

CVE-2021-21022 [MEDIUM] CWE-285 Magento Insecure Direct Object Reference (IDOR) in the product module Magento Insecure Direct Object Reference (IDOR) in the product module Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources.

CVE-2019-8118 [MEDIUM] CWE-312 Magento 2 Community Edition Weak Cryptography Magento 2 Community Edition Weak Cryptography Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts.

CVE-2019-8228 [MEDIUM] CWE-79 Withdrawn Advisory: Magento 2 Community Edition XSS Vulnerability Withdrawn Advisory: Magento 2 Community Edition XSS Vulnerability ## Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a package in one of the GitHub Advisory Database's [supported ecosystems](https://github.com/github/advisory-database/blob/main/README.md#supported-ecosystems). This link is maintained to preserve external references. ## Original Descript

CVE-2019-8143 [MEDIUM] CWE-89 Magento Injection vulnerability via email templates Magento Injection vulnerability via email templates A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with access to email templates can send malicious SQL queries and obtain access to sensitive information stored in the database.

CVE-2019-8129 [MEDIUM] CWE-79 Magento Cross-Site Scripting via Signifyd Guarantee Option Translation Override Magento Cross-Site Scripting via Signifyd Guarantee Option Translation Override A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can exploit it by injecting an embedded expression into a translation.

CVE-2019-8132 [MEDIUM] CWE-79 Magento 2 Community Edition XSS Vulnerability Magento 2 Community Edition XSS Vulnerability A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft malicious payload in the template Name field for Email template in the "Design Configuration" dashboard.

CVE-2019-7864 [MEDIUM] CWE-639 Magento 2 Community Edition IDOR Vulnerability Magento 2 Community Edition IDOR Vulnerability An insecure direct object reference (IDOR) vulnerability exists in the RSS feeds of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can lead to unauthorized access to order details.

CVE-2021-21026 [MEDIUM] CWE-285 Magento improper authorization vulnerability in the integrations module Magento improper authorization vulnerability in the integrations module Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required

CVE-2019-7939 [MEDIUM] CWE-79 Magento Reflected cross-site scripting on customer cart page Magento Reflected cross-site scripting on customer cart page A reflected cross-site scripting vulnerability exists on the customer cart checkout page of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by sending a victim a crafted URL that results in malicious javascript execution in the victim's browser.

CVE-2019-7945 [MEDIUM] CWE-79 Magento 2 Community Edition XSS Vulnerability Magento 2 Community Edition XSS Vulnerability A stored cross-cite scripting vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to modify currency symbols can inject malicious javascript.

CVE-2021-36027 [MEDIUM] CWE-79 Magento stored cross-site scripting vulnerability Magento stored cross-site scripting vulnerability Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE-2019-8139 [MEDIUM] CWE-79 Magento 2 Community Edition XSS Vulnerability Magento 2 Community Edition XSS Vulnerability A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary Javascript code into the dynamic block when invoking page builder on a product.

CVE-2019-8092 [MEDIUM] CWE-79 Magento 2 Community Edition XSS Vulnerability Magento 2 Community Edition XSS Vulnerability A reflected cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via email template preview.

CVE-2021-36038 [MEDIUM] CWE-20 Magento discloses sensitive information via the Multishipping Module Magento discloses sensitive information via the Multishipping Module Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability in the Multishipping Module. An authenticated attacker could leverage this vulnerability to achieve sensitive information disclosure.

CVE-2019-8142 [MEDIUM] CWE-79 Magento 2 Community Edition XSS Vulnerability Magento 2 Community Edition XSS Vulnerability A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code via title of an order when configuring sales payment methods for a store.

CVE-2019-8153 [MEDIUM] CWE-79 Magento Cross-site Scripting (XSS) Magento Cross-site Scripting (XSS) A mitigation bypass to prevent cross-site scripting (XSS) exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. Successful exploitation of this vulnerability would result in an attacker being able to bypass the `escapeURL()` function and execute a malicious XSS payload. As per [the Magento Release 2.3.3](https://web.archive.org/web/20201126132230/https://devdocs.magento.