Results for cross-site scripting attack

Threat Research

Magento Commerce Widget Form (Core) XSS Vulnerability

The FortiGuard Labs team discovered a Cross-Site Scripting (XSS) vulnerability in Magento. This XSS vulnerability is caused by Magento failing to sanitize user-supplied data before inserting it into a dynamically generated widget form.

By Zhouyuan YangJanuary 07, 2019