216.73.217.86

CVE-2024-39403

· Published 14/08/2024 12:15 · Modified 14/08/2024 14:45

Labels: CVE-2024-39403 2024-08-14CVE-2024-39403CWE-79[email protected]

Essential information

Published
14/08/2024 12:15
Modified
14/08/2024 14:45
Author
Creator
CVSS
7.6 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

CVSS metrics

Description

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Confidentiality impact is high due to the attacker being able to exfiltrate sensitive information.

NVD status

Status
Analyzed — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
adobe / commerce cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*
adobe / commerce cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.4:p9:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*
adobe / magento cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*

References