Description

A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can result in unintended deletion of the store design schedule.

Remediation

References

CVE-2019-7873

Related Vulnerabilities

Joomla! Core 3.x.x Multiple Vulnerabilities (3.2.0 - 3.6.5)

WordPress Plugin Product Subtitle For WooCommerce Arbitrary File Disclosure (4.1)

WordPress Plugin Featured Posts by BestWebSoft Cross-Site Scripting (1.0.0)

Liferay Portal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-5190)

PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-43789)

Severity

Medium

Classification

CVE-2019-7873 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities