Skip to main content
CVE-2025-27400 LOW PATCH Monitor

Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Rated low severity (CVSS 2.9). No vendor patch available.

Adobe XSS
NVD GitHub
CVSS 3.1
2.9
EPSS
0.4%
CVE-2025-1795 LOW Monitor

During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
2.3
EPSS
0.6%
CVE-2025-22272 LOW Monitor

In the "/EPMUI/ModalDlgHandler.ashx?value=showReadonlyDlg" endpoint, it is possible to inject code in the "modalDlgMsgInternal" parameter via POST, which is then executed in the browser. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 4.0
2.1
EPSS
0.3%
CVE-2025-22274 LOW Monitor

It is possible to inject HTML code into the page content using the "content" field in the "Application definition" page. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 4.0
2.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy