Category: Reflected XSS

PRODSECBUG-2069: Vulnerability in Attribute Group Name

Description: Reflected XSS can be inserted into an attribute group name in Admin > Stores > Attribute Set. Type: Cross-Site Scripting (XSS) – reflected CVSSv3 Severity: 4.2 Known Attacks: none Product(s) Affected: Magento 2.1 prior to 2.1.16, Magento 2.2 prior

Posted in Magento 2, Magento Commerce, Magento Open Source, Reflected XSS