VYPR
Medium severity6.1NVD Advisory· Published Jan 29, 2020· Updated Jun 17, 2026

CVE-2020-3758

CVE-2020-3758

Description

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
magento/community-editionPackagist
>= 2.3.0, < 2.3.42.3.4
magento/community-editionPackagist
< 2.2.112.2.11
magneto/corePackagist
< 1.9.4.41.9.4.4

Affected products

4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.