PKSA-8582-qjd4-1g8s Security Advisory
-
[MEDIUM] Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies
PKSA-8582-qjd4-1g8s CVE-2021-28556 GHSA-39ch-rg26-gmq5
Affected package: magento/community-edition
Affected version: <2.3.7|>=2.4.0,<2.4.2-p1
Reported by:
GitHub