CNNVD-202509-1392 Information

CNNVD ID

CNNVD-202509-1392

Related CVE

CVE-2025-54236

• CNNVD Published: 2025-09-09

Description (Chinese)

Adobe Commerce是美国奥多比（Adobe）公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce存在安全漏洞，该漏洞源于输入验证不当，可能导致会话劫持。以下版本受到影响：2.4.9-alpha2版本、2.4.8-p2版本、2.4.7-p7版本、2.4.6-p12版本、2.4.5-p14版本和2.4.4-p15及之前版本。

Description (English)

Adobe Commerce is the leading global digital business solution for both business and brands in Adobe, United States. There is a security loophole in Adobe Commerce, which stems from inadequate input validation, which could lead to a session hijacking. The following versions were affected: 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14 and 2.4.4-p15 and earlier.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

奥多比

Published

2025-09-09

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/magento/apsb25-88.html

Patch

https://helpx.adobe.com/security/products/magento/apsb25-88.html