Magento CMS Flash File Uploader Cross Site Scripting Vulnerability

Bugtraq ID: 93575
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Oct 14 2016 12:00AM
Updated: Oct 26 2016 12:08AM
Credit: Francisco Javier Correa Silva.
Vulnerable: Magento Enterprise Edition 1.14.2.3
Magento Enterprise Edition 1.14.2.2
Magento Enterprise Edition 1.14.2.1
Magento Enterprise Edition 1.14.2.0
Magento Enterprise Edition 1.14.1.0
Magento Enterprise Edition 1.12.0.2
Magento Enterprise Edition 1.12.0.1
Magento Community Edition 1.9.2.3
Magento Community Edition 1.9.2.2
Magento Community Edition 1.9.2.1
Magento Community Edition 1.9.2.0
Magento Community Edition 1.9.1.0
Magento Community Edition 1.7.0.2
Magento Community Edition 1.7.0.1
Not Vulnerable: Magento Enterprise Edition 1.14.3
Magento Community Edition 1.9.3


 

Privacy Statement
Copyright 2010, SecurityFocus