CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Amasty: >> Amasty Blog Pro Security Vulnerabilities

CVE-2022-36433

The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save.

CVSS Score

6.1

EPSS Score

0.002

Published

2022-11-29

Page 1

Vulnerabilities

Vulnerable Software

Amasty: >> Amasty Blog Pro Security Vulnerabilities

Products

Pricing

Contact Us