VYPR

Packagist (Composer) package

magneto/core

pkg:composer/magneto/core

Vulnerabilities (2)

  • CVE-2020-3758Jan 29, 2020
    affected < 1.9.4.4fixed 1.9.4.4

    Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • CVE-2020-3718Jan 29, 2020
    affected < 1.9.4.4fixed 1.9.4.4

    Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution.