afine-com/CVE-2022-35501

Releases0

Stars1

Stored Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-35501 ↗	Nov 23, 2022Wednesday, 23 November 2022, 17:15	5.4 MEDIUM	—
Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function.