Cheat sheets

CVE-2020-13423: Magento vulnerability

Share this with people that should know this:

Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header.

References

  • anothernetsecblog.com
  • anothernetsecblog.com/magento-2-extension-security/
  • landofcoder.com/magento-2-form-builder.html
  • Share this with people that should know this: