CVE-2025-27400
LOW2.9EPSS 0.20%Magento LTS vulnerable to stored XSS in theme config fields
發布日:2025/3/3修改日:2025/3/3
描述
As reported by [Aakash Adhikari](https://hackerone.com/dark_haxor), Github: @justlife4x4, the Design > Themes > Skin (Images / CSS) config field allows a Stored XSS when it contains an end script tag. ### Impact A malicious user with access to this configuration field could use a Stored XSS to affect other authenticated admin users in the admin panel. The attack requires an admin user with configuration access, so in practice, it is not very likely to be used for gaining elevated privileges, although it could theoretically be used to impersonate other users. 
受影響套件(1)
- Packagist/openmage/magento-ltsfrom 0, < 20.12.3
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | LOW2.9 | CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L |
參考連結(6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-27400
- PATCHhttps://github.com/OpenMage/magento-lts
- WEBhttps://github.com/OpenMage/magento-lts/commit/d307e5bf75729a2347dde0952fe9fd9fcd9c6aea
- WEBhttps://github.com/OpenMage/magento-lts/releases/tag/v20.12.3
- WEBhttps://github.com/OpenMage/magento-lts/releases/tag/v20.13.0
- WEBhttps://github.com/OpenMage/magento-lts/security/advisories/GHSA-5pxh-89cx-4668