CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35698

Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.066

EPSS Ranking 90.6%

CVSS Severity

CVSS v3 Score 10.0

References

Products affected by CVE-2022-35698

Adobe » Commerce » Version: N/A

cpe:2.3:a:adobe:commerce:-
Adobe » Commerce » Version: 2.3.7

cpe:2.3:a:adobe:commerce:2.3.7
Adobe » Commerce » Version: 2.4.0

cpe:2.3:a:adobe:commerce:2.4.0
Adobe » Commerce » Version: 2.4.1

cpe:2.3:a:adobe:commerce:2.4.1
Adobe » Commerce » Version: 2.4.2

cpe:2.3:a:adobe:commerce:2.4.2
Adobe » Commerce » Version: 2.4.3

cpe:2.3:a:adobe:commerce:2.4.3
Adobe » Commerce » Version: 2.4.4

cpe:2.3:a:adobe:commerce:2.4.4
Adobe » Commerce » Version: 2.4.5

cpe:2.3:a:adobe:commerce:2.4.5
Adobe » Magento Open Source » Version: 2.3.7

cpe:2.3:a:adobe:magento_open_source:2.3.7
Adobe » Magento Open Source » Version: 2.4.0

cpe:2.3:a:adobe:magento_open_source:2.4.0
Adobe » Magento Open Source » Version: 2.4.1

cpe:2.3:a:adobe:magento_open_source:2.4.1
Adobe » Magento Open Source » Version: 2.4.2

cpe:2.3:a:adobe:magento_open_source:2.4.2
Adobe » Magento Open Source » Version: 2.4.3

cpe:2.3:a:adobe:magento_open_source:2.4.3
Adobe » Magento Open Source » Version: 2.4.4

cpe:2.3:a:adobe:magento_open_source:2.4.4
Adobe » Magento Open Source » Version: 2.4.5

cpe:2.3:a:adobe:magento_open_source:2.4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35698

Products

Pricing

Contact Us