Vulnerability Details CVE-2019-8148
A stored cross-site scripting (XSS) vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via page builder.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.5%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References