Magento Project-Community-Edition vulnerabilities
161 known vulnerabilities affecting magento/project-community-edition.
Total CVEs: 161
CISA KEV: 1 (actively exploited)
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 24, HIGH 48, MEDIUM 77, LOW 12
Vulnerabilities
Page 7 of 9
CVE-2021-21030 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-21030 [HIGH] CWE-79 Magento stored cross-site scripting (XSS) in the customer address upload feature
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Exploitation of this issue requires
ghsa, osv
CVE-2021-36044 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36044 [HIGH] CWE-20 Magento affected by a server-side denial-of-service using a GraphQL field
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field.
ghsa, osv
CVE-2021-36020 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36020 [HIGH] CWE-91 Magento XML Injection vulnerability in the 'City' field
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. An unauthenticated attacker can trigger a specially crafted script to achieve remote code execution.
ghsa, osv
CVE-2021-36030 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36030 [HIGH] CWE-20 Magento allows attackers to alter the price of items
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability during the checkout process. An unauthenticated attacker can leverage this vulnerability to alter the price of items.
ghsa, osv
CVE-2021-36022 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36022 [HIGH] CWE-74 Magento XML Injection vulnerability in the Widgets Update Layout
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.
ghsa, osv
CVE-2020-9588 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2020-9588 [HIGH] CWE-203 Magento Signature verification bypass
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.
ghsa, osv
CVE-2021-36043 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36043 [HIGH] CWE-918 Magento affected by a blind SSRF vulnerability in the bundled dotmailer extension
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. An attacker with admin privileges could abuse this to achieve remote code execution should Redis be enabled.
ghsa, osv
CVE-2021-36031 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36031 [HIGH] CWE-22 Magento Path Traversal vulnerability via the `theme[preview_image]` parameter
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a Path Traversal vulnerability via the `theme[preview_image]` parameter. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.
ghsa, osv
CVE-2020-9587 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2020-9587 [HIGH] CWE-863 Magento authorization bypass vulnerability
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts.
ghsa, osv
CVE-2021-36029 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36029 [HIGH] CWE-285 Magento improper authorization vulnerability
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper authorization vulnerability. An attacker with admin privileges could leverage this vulnerability to achieve remote code execution.
ghsa, osv
CVE-2021-36032 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36032 [HIGH] CWE-20 Magento is affected by an improper input validation vulnerability
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.
ghsa, osv
CVE-2019-8114 | HIGH | ≥ 0, < 1.9.4.3 | 2022-05-24
CVE-2019-8114 [HIGH] CWE-434 Magento 2 Community Edition RCE Vulnerability
A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to import features can execute arbitrary code via crafted configuration archive file upload.
As per [the Magento Release 2.3.3](https://web.archive.org/web/20201126132230/http
ghsa, osv
CVE-2021-28583 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-28583 [HIGH] CWE-657 Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to get unauthorized access to restricted resources.
ghsa, osv
CVE-2021-36041 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36041 [HIGH] CWE-20 Magento vulnerable to file upload attack
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges could upload a specially crafted file in the `pub/media` directory, which could lead to remote code execution.
ghsa, osv
CVE-2021-36034 | HIGH | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36034 [HIGH] CWE-20 Magento affected by remote code execution via a file upload
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An attacker with admin privileges can upload a specially crafted file to achieve remote code execution.
ghsa, osv
CVE-2020-9689 | MEDIUM | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2020-9689 [MEDIUM] CWE-22 Magento path traversal vulnerability
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.
ghsa, osv
CVE-2021-36039 | MEDIUM | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-36039 [MEDIUM] CWE-863 Magento discloses sensitive information
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. An attacker can abuse this vulnerability to disclose sensitive information.
ghsa, osv
CVE-2021-21023 | MEDIUM | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2021-21023 [MEDIUM] CWE-79 Magento stored cross-site scripting vulnerability in the admin console
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploita
ghsa, osv
CVE-2020-24401 | MEDIUM | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2020-24401 [MEDIUM] CWE-863 Magento 2 Community Edition Incorrect Authorization
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the user's account.
ghsa, osv
CVE-2020-9584 | MEDIUM | ≥ 0, ≤ 2.0.2 | 2022-05-24
CVE-2020-9584 [MEDIUM] CWE-79 Magento Stored cross-site scripting
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
ghsa, osv