Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Openmage Subscribe
Filtered by product Openmage Long Term Support
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-15151 2 Magento, Openmage 2 Magento, Openmage Long Term Support 2021-11-18 4.0 MEDIUM 8.0 HIGH
OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the `fromkey protection` in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2.