Stored Cross-site scripting in Magento Open Source and Adobe Commerce (formerly Magento Commerce) - #VU8713
Published: October 5, 2017
Vulnerability identifier: #VU8713
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-352
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Adobe
Affected software:
Magento Open Source
Adobe Commerce (formerly Magento Commerce)
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a stored cross-site scripting (XSS) attack.
The vulnerability exists due to insufficient sanitization of user-supplied data passed via the Group Name parameter (code). A remote authenticated attacker can permanently inject and execute arbitrary HTML code in the victim's browser. The injected code will be present on the several pages where the customer group is shown (when viewing individual orders, individual customers, etc.).
This vulnerability can be exploited in a chain with the CSRF vulnerability described in this advisory.
Remediation
Update to version 1.9.3.6, 1.14.3.6, 2.0.16 or 2.1.9.
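Because the injected value is stored, updating does not remove a group name that was already saved. The following query is an added example, not part of the original advisory or of Adobe's guidance: it lists stored customer group names containing HTML metacharacters and counts the customers assigned to each. It assumes MySQL and the default Magento table names customer_group and customer_entity with no table prefix.

```sql
-- Added example: audit stored customer group names for HTML metacharacters.
-- Assumption: default Magento schema, no table prefix configured.
-- A legitimate group name rarely needs any of: < > " ' &
SELECT g.customer_group_id,
       g.customer_group_code,
       CHAR_LENGTH(g.customer_group_code) AS code_length,
       COUNT(c.entity_id)                 AS customers_in_group
FROM customer_group AS g
-- LEFT JOIN keeps flagged groups that have no customers assigned yet
LEFT JOIN customer_entity AS c
       ON c.group_id = g.customer_group_id
-- '' is an escaped single quote inside the pattern string
WHERE g.customer_group_code REGEXP '[<>"''&]'
GROUP BY g.customer_group_id, g.customer_group_code
ORDER BY g.customer_group_id;
```

Any row returned should be reviewed and the group renamed, since the group name is rendered on the order and customer pages described above.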