CVE-2021-21023

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-21023

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21023.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-21023

Aliases

Published

2021-02-11T20:15:14Z

Modified

2024-09-03T03:40:32.141413Z

Summary

[none]

Details

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation.

References

https://helpx.adobe.com/security/products/magento/apsb21-08.html

Affected packages

Git / github.com/magento/devdocs

Affected ranges

Type: GIT
Repo: https://github.com/magento/devdocs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

9eba2c99bed83d8297c03b7ea3b110500cc5b955

Type: GIT
Repo: https://github.com/magento/magento2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

53ad434d78cd2d357203fb82e5ea059883f403b8

Affected versions

0.*

0.1.0-alpha100

0.1.0-alpha101

0.1.0-alpha102

0.1.0-alpha103

0.1.0-alpha104

0.1.0-alpha105

0.1.0-alpha106

0.1.0-alpha107

0.1.0-alpha108

0.1.0-alpha89

0.1.0-alpha90

0.1.0-alpha91

0.1.0-alpha92

0.1.0-alpha93

0.1.0-alpha94

0.1.0-alpha95

0.1.0-alpha96

0.1.0-alpha97

0.1.0-alpha98

0.1.0-alpha99

0.42.0-beta1

0.42.0-beta10

0.42.0-beta11

0.42.0-beta2

0.42.0-beta3

0.42.0-beta4

0.42.0-beta5

0.42.0-beta6

0.42.0-beta7

0.42.0-beta8

0.42.0-beta9

0.74.0-beta1

0.74.0-beta10

0.74.0-beta11

0.74.0-beta12

0.74.0-beta13

0.74.0-beta14

0.74.0-beta15

0.74.0-beta16

0.74.0-beta2

0.74.0-beta3

0.74.0-beta4

0.74.0-beta5

0.74.0-beta6

0.74.0-beta7

0.74.0-beta8

0.74.0-beta9

1.*

1.0.0-beta

1.x-eos

2.*

2.0.0

2.0.0-rc

2.0.0-rc2

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.8

2.0.9

2.1.0

2.1.0-rc1

2.1.0-rc2

2.1.0-rc3

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.14

2.1.15

2.1.16

2.1.17

2.1.18

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

2.2.0

2.2.0-RC1.1

2.2.0-RC1.2

2.2.0-RC1.3

2.2.0-RC1.4

2.2.0-RC1.5

2.2.0-RC1.6

2.2.0-RC1.8

2.2.0-rc2.0

2.2.0-rc2.1

2.2.0-rc2.2

2.2.0-rc2.3

2.2.0-rc3.0

2.2.1

2.2.10

2.2.11

2.2.2

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

2.3.0

2.3.1

2.3.2

2.3.2-p1

2.3.3

2.3.3-p1

2.3.4

2.3.5