CVE-2019-8233 – In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an unauthenticated …

Vuln ID: CVE-2019-8233

Published:  2019-11-06  00:15:13Z

Description: In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1, an unauthenticated user can inject arbitrary JavaScript code as a result of the sanitization engine ignoring HTML comments.

Source: NVD.NIST.GOV

 

Tags