Posted on

Magento up to 1.9.4.1/2.1.17/2.2.8/2.3.1 WYSIWYG Editor SWF File Stored cross site scripting

A vulnerability, which was classified as problematic, has been found in Magento up to 1.9.4.1/2.1.17/2.2.8/2.3.1. This issue affects some unknown functionality of the component WYSIWYG Editor. Upgrading to version 1.9.4.2, 2.1.18, 2.2.9 or 2.3.2 eliminates this vulnerability.