magento/community-edition Security Advisories for 2.4.8 (2)
-
[HIGH] Magento Cross-site Scripting vulnerability
PKSA-j53w-rgct-w5r6 CVE-2025-49557 GHSA-8mq8-c243-2335
Affected version: =2.4.8|>=2.4.7-p1,<2.4.7-p7|>=2.4.6-p1,<2.4.6-p12|>=2.4.5-p1,<2.4.5-p14|<2.4.4-p15
Reported by:
GitHub -
[CRITICAL] Magneto contains stored XSS vulnerability
PKSA-rb7h-1s2b-4dwg CVE-2025-47110 GHSA-j934-vjh5-vf9r
Affected version: =2.4.6|>=2.4.6-p1,<2.4.6-p11|=2.4.5|=2.4.8|=2.4.7|<2.4.5-p13|>=2.4.7-beta1,<2.4.7-p6|>=2.4.8-beta1,<2.4.8-p1
Reported by:
GitHub