CVE-2025-24428 | Adobe Commerce form cross site scripting (apsb25-08)

Inserito da Angelo Barbosa | Feb 11, 2025 | CVE

A vulnerability was found in Adobe Commerce up to 2.4.4-p11/2.4.5-p10/2.4.6-p8/2.4.7-beta1/2.4.7-p3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument form leads to cross site scripting.

This vulnerability is known as CVE-2025-24428. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24428 | Adobe Commerce form cross site scripting (apsb25-08)

Post correlati

CVE-2024-21738 | SAP NetWeaver ABAP Application Server and ABAP Platform cross site scripting

CVE-2021-47202 | Linux Kernel up to 5.4.209/5.10.80/5.14.20/5.15.3 thermal of_parse_thermal_zones null pointer dereference

CVE-2024-5001 | biplob018 Image Hover Effects for Elementor with Lightbox and Flipbox Plugin cross site scripting

CVE-2024-21667 | Pimcore Customer Data Framework prior 4.0.6 GDPR Extract access control