CNNVD-202508-1171 Information
CNNVD ID
CNNVD-202508-1171
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
Adobe Commerce是美国奥多比(Adobe)公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce存在跨站脚本漏洞,该漏洞源于容易受到存储型跨站脚本攻击。以下版本受到影响:2.4.9-alpha1版本、2.4.8-p1版本、2.4.7-p6版本、2.4.6-p11版本、2.4.5-p13版本、2.4.4-p14版本及之前版本。
Description (English)
Adobe Commerce is the leading global digital business solution for both business and brands in Adobe, United States. Adobe Commerce has a cross-site script loophole, which stems from its vulnerability to storage-type cross-site script attacks. The following versions were affected: 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier.
Hazard Level
Medium
Vulnerability Type
跨站脚本
Affected Vendor
奥多比
Published
2025-08-12
Last Modified
2026-02-24
References
https://helpx.adobe.com/security/products/magento/apsb25-71.html https://nvd.nist.gov/vuln/detail/CVE-2025-49557
Patch
https://helpx.adobe.com/security/products/magento/apsb25-71.html
Share on: