CVE-2019-8121

Summary

An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. Magento 2 codebase leveraged outdated versions of JS libraries (Bootstrap, jquery, Knockout) with known security vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
Adobe Systems IncorporatedMagento 2Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p2affected

Weaknesses

  • Using components with known vulnerabilities

ADP Enrichment

CVE Program Container

Additional References

References