CVE-2020-9691

Summary

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AdobeMagento2.3.5-p1 and earlier, and 2.3.5-p1 and earlier versionsaffected

Weaknesses

  • DOM-based Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References