CVE-2022-35501

Published November 23rd, 2022

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function.

afine-com/CVE-2022-35501

Stored Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2

GitHub

1