Skip to main content

Amasty Blog Pro

1 CVEs product

Monthly

CVE-2022-36433 MEDIUM POC This Month

The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Adobe XSS Amasty Blog Pro
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Adobe XSS Amasty Blog Pro
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy