Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
composer
openmage
magento-lts
v19.5.0-rc4
magento-lts v19.5.0-rc4
openmage
Published
May 4, 2023
•
Policy
compliance
composer Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Best
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
92
Versions
92
Vulnerabilities
13
Vulnerabilities
13
Dependencies
0
Dependencies
0
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(0)
Low
(1)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
2.9
CVE-2025-27400
Magento Long Term Support (LTS) is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Versions prior to 20.12.3 and 20.13.0 contain a vulnerability that allows script execution in the admin panel which could lead to cross-site scripting against authenticated admin users. The attack requires an admin user with configuration access, so in practicality it is not very likely to be useful given that a user with this level of access is probably already a full admin. Versions 20.12.3 and 20.13.0 contain a patch for the issue.
affected
Severity
Low
Published
Mar 3, 2025
