Description
A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9 and Magento 2.3 prior to 2.3.2 resulted in storage of sensitive information with an algorithm that is insufficiently resistant to brute force attacks.
Remediation
References
Related Vulnerabilities
WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)
WordPress Plugin WP Discourse Unspecified Vulnerability (0.9.7)
WordPress Plugin Gallery-Flagallery Photo Portfolio 'flagshow.php' Cross-Site Scripting (1.57)
Magento Improper Authorization Vulnerability (CVE-2021-21026)