CVE-2020-13423
N/A
N/A
Summary
Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://anothernetsecblog.com
- https://landofcoder.com/magento-2-form-builder.html
- https://anothernetsecblog.com/magento-2-extension-security/
References
- https://anothernetsecblog.com
- https://landofcoder.com/magento-2-form-builder.html
- https://anothernetsecblog.com/magento-2-extension-security/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.