CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-15244 – RCE in Magento
https://notcve.org/view.php?id=CVE-2020-15244
In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product. The issue is patched in versions 19.4.8 and 20.0.4. En Magento (paquete rubygems openmage/magento-lts) versiones anteriores a 19.4.8 y 20.0.4, un usuario administrador puede generar credenciales soap que pueden ser usadas para activar una RCE por medio de la inyección de objetos PHP mediante atributos de producto y un producto. El problema está parcheado en las versiones 19.4.8 y 20.0.4 • https://github.com/OpenMage/magento-lts https://github.com/OpenMage/magento-lts/commit/26433d15b57978fcb7701b5f99efe8332ca8630b https://github.com/OpenMage/magento-lts/security/advisories/GHSA-jrgf-vfw2-hj26 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24408 – Stored XSS in customer address upload feature
https://notcve.org/view.php?id=CVE-2020-24408
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component. This vulnerability could be abused by an unauthenticated attacker to execute XSS attacks against other Magento users. This vulnerability requires a victim to browse to the uploaded file. Magento versiones 2.4.0 y 2.3.5p1 (y anteriores) están afectadas por una vulnerabilidad de tipo XSS persistente que permite a usuarios cargar JavaScript malicioso por medio del componente file upload. Un atacante no autenticado podría abusar de esta vulnerabilidad para ejecutar ataques de tipo XSS contra otros usuarios de Magento. • https://helpx.adobe.com/security/products/magento/apsb20-59.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-15151 – Observable Timing Discrepancy in OpenMage LTS
https://notcve.org/view.php?id=CVE-2020-15151
OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the `fromkey protection` in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2. OpenMage LTS versiones anteriores a 19.4.6 y 20.0.2, permite a atacantes evitar la "fromkey protection" en la interfaz de Administración y aumenta la superficie de ataque para ataques de tipo Cross Site Request Forgery. Este problema está relacionado con el CVE-2020-9690 de Adobe. • https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6 https://helpx.adobe.com/security/products/magento/apsb20-47.html • CWE-203: Observable Discrepancy CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.6EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9691
https://notcve.org/view.php?id=CVE-2020-9691
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution. Magento versiones 2.3.5-p1 y anteriores, y versiones 2.3.5-p1 y anteriores, presentan una vulnerabilidad de tipo cross-site scripting basada en dom. Una explotación con éxito podría conllevar a una ejecución de código arbitrario • https://helpx.adobe.com/security/products/magento/apsb20-47.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9692
https://notcve.org/view.php?id=CVE-2020-9692
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. Magento versiones 2.3.5-p1 y anteriores, y versiones 2.3.5-p1 y anteriores presentan una vulnerabilidad de omisión de mitigación de seguridad. Una explotación con éxito podría conllevar a una ejecución de código arbitrario • https://helpx.adobe.com/security/products/magento/apsb20-47.html •