CVE-2026-21290 (GCVE-0-2026-21290)

Vulnerability from cvelistv5 – Published: 2026-03-11 02:19 – Updated: 2026-03-12 03:55
VLAI?
Title
Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)
Summary
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field.
Severity ?
8.7 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
CWE
  • CWE-79 - Cross-site Scripting (Stored XSS) (CWE-79)
Assigner
References
Impacted products
Vendor Product Version
Adobe Adobe Commerce Affected: 0 , ≤ 2.4.4-p16 (semver)
Create a notification for this product.
Date Public ?
2026-03-09 17:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21290",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T03:55:22.870Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Adobe Commerce",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "2.4.4-p16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-03-09T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "availabilityRequirement": "NOT_DEFINED",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "confidentialityRequirement": "NOT_DEFINED",
            "environmentalScore": 8.7,
            "environmentalSeverity": "HIGH",
            "exploitCodeMaturity": "NOT_DEFINED",
            "integrityImpact": "HIGH",
            "integrityRequirement": "NOT_DEFINED",
            "modifiedAttackComplexity": "LOW",
            "modifiedAttackVector": "NETWORK",
            "modifiedAvailabilityImpact": "NONE",
            "modifiedConfidentialityImpact": "HIGH",
            "modifiedIntegrityImpact": "HIGH",
            "modifiedPrivilegesRequired": "LOW",
            "modifiedScope": "CHANGED",
            "modifiedUserInteraction": "REQUIRED",
            "privilegesRequired": "LOW",
            "remediationLevel": "NOT_DEFINED",
            "reportConfidence": "NOT_DEFINED",
            "scope": "CHANGED",
            "temporalScore": 8.7,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross-site Scripting (Stored XSS) (CWE-79)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T02:19:14.251Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://helpx.adobe.com/security/products/magento/apsb26-05.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2026-21290",
    "datePublished": "2026-03-11T02:19:14.251Z",
    "dateReserved": "2025-12-12T22:01:18.190Z",
    "dateUpdated": "2026-03-12T03:55:22.870Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-21290\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2026-03-11T03:15:53.773\",\"lastModified\":\"2026-03-11T18:21:47.207\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field.\"},{\"lang\":\"es\",\"value\":\"Las versiones de Adobe Commerce 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 y anteriores est\u00e1n afectadas por una vulnerabilidad de cross-site scripting (XSS) almacenado que podr\u00eda ser abusada por un atacante con bajos privilegios para inyectar scripts maliciosos en campos de formulario vulnerables. JavaScript malicioso puede ser ejecutado en el navegador de una v\u00edctima cuando navegan a la p\u00e1gina que contiene el campo vulnerable. Un atacante exitoso puede abusar de esto para lograr la toma de control de la sesi\u00f3n, aumentando el impacto en la confidencialidad y la integridad a alto. La explotaci\u00f3n de este problema requiere interacci\u00f3n del usuario en el sentido de que una v\u00edctima debe navegar a la p\u00e1gina que contiene el campo vulnerable.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@adobe.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":5.8}]},\"weaknesses\":[{\"source\":\"psirt@adobe.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.3\",\"matchCriteriaId\":\"28120C2E-10AD-4476-B6C3-BE3A43946068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4667AA3-4CC9-41C0-8E0C-19B0FCE1CF79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E396FB4F-B20A-4BF9-8FBD-014A0F197F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ADE32D1-2845-4030-BE1F-ECE28189D0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2E771C9-86C4-455C-98D4-6F4FE7A9A822\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"491AB715-F62A-46DB-A56E-055CF7CB7BEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FE364A8-4780-426F-9E8A-284A31FE2623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9258027-8A6A-4C6A-BC6F-349B6E03D828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"934C52C7-8751-481E-BAA7-F631C4E31F32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C5847F-57AA-4ADA-8997-5D4F5FDFF50E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5677B7E2-FA07-4536-96A9-2C64BEFD3751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DCD1522-6E27-474F-9FC6-413409D6AD55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7968FCA-CCFD-4222-8FB8-E6E21107944F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C175A1F-7814-4C51-A7B7-AD5140F0688F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"E66CBFB3-40C3-474A-A3A3-12135F610814\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F51DFA17-1875-41A9-B141-D89BB6238B3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A4D10EF-9137-4DF5-A5DD-97907E8B4C02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.3:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CD0DC76-7181-4954-A59E-AB7BB47D0576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C90C433-6655-4038-9AB3-0304C1AFF360\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"374E7EDD-512A-4633-A136-01A656935334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"89BAB227-03E6-4776-ADE4-9D9CB666EFD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5ACABA-D6D6-4F29-A9DD-5A04A44ABE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA80AFCE-2663-46C0-AEC0-C16C8E675E6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB9955CA-7E7B-40D3-A85D-58BB0D9AC897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D0A17AC-D433-47C2-A1AC-88291DCCECCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0FD85B-E851-436D-A789-852DD26A3B56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E9D364A-C858-4160-8B8B-33ECF94796D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"61559E50-581E-40FF-9FD4-10192ECFCD04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE3BFB41-5633-4167-B1EA-9E958BCE9DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2C525D2-837D-486A-8B38-5634AE2ECE2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F220229-F2DF-4C9D-90A6-8B09F8BE3391\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"63AB9506-3F8E-4C2E-A859-2380431C15A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"51B76658-EA6B-4AC9-9D9C-374C5308D069\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.4:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E94B136-7A2C-47F0-BCE4-6BB8E776A305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C5C3F26-24F0-4CF5-AA2E-7CA13E9D17DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E888424C-B9F2-4AE7-A77A-39F34143548F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4BE67D7-6463-4179-8C68-298CF960DBC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CFD1C81-A05D-4E92-9BF5-244021808C77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ADE4696-7DAE-45F3-9161-04AF9FB8DAB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"79DFA5ED-2AA5-4DD6-BFB2-3D0B090C0BD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE97B86B-32CE-4E7F-BA98-C1059BF7BFF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CEF959-997F-47C9-8186-D4D56C6F4D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A83DCE0F-E201-4753-9164-F01D46172248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CFAABD7-7658-4A32-B5E3-13F6214BABCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE880F0B-EC8C-429B-9257-E6F890872F7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F3EA5F-08A2-4A1E-82D3-BBE7FFA2667E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"7930F188-A689-4041-BF4F-FBCA579D2E49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.3.5:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"45090787-93BF-4683-B1E2-7D12FB18BEED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"15C638A8-EFE0-47DB-B1F9-34093AF0FC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB863404-A9D7-4692-AB43-08945E669928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8CFA8F4-D57D-4D0F-88D5-00A72E3AD8DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A21F608C-C356-47B8-8FBB-DB28BABFC4C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E14195F1-5016-46BE-A614-6FB4E312FC93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C360EA8-B18F-4327-90EF-7EED2892BE4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"500E3A54-D7C7-4887-9EA6-7DF85389A831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED6FFC1D-E921-4FF7-9928-015630613FE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.4.2:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB8CAC6E-DA06-4C82-B148-38234D4EB910\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D855D141-7876-4F5A-91BE-6350DD379879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CBDF59-EB84-44D3-81CF-5CBF943B411E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.2:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2117B163-D88E-4EB4-AEA7-F27FB732BD48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.2:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E56E15-320F-4517-85C1-832A5942944C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.3:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"508EE0EF-D54A-4834-84AB-FFC62040FDAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.3:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D7C6592-33B0-4586-8178-E8F4EB837B7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce_b2b:1.5.3:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC24542-4237-46E4-98C5-0E9D08C3D4D6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.4\",\"matchCriteriaId\":\"76AAB57F-7723-44E0-B91A-9F120C849AC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D258D9EF-94FB-41F0-A7A5-7F66FA7A0055\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E5CF6F0-2388-4D3F-8FE1-43B8AF148564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3D7164-1C5F-40BC-9EEC-B0E00CD45808\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"68AAE162-5957-42AF-BE20-40F341837FAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9D01159-3309-4F6B-93B0-2D89DDD33DEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"91736E79-D8E7-4AF2-8E01-A7B4EB8AD6F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"8412C043-64E7-4DFF-A303-13A6FE113BFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBDA2BCF-E784-4CF3-B30D-6FF5BEE2055F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p16:*:*:*:*:*:*\",\"matchCriteriaId\":\"00909C10-6C93-4735-94ED-18DCBD608A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFEBDDF2-6443-4482-83B2-3CD272CF599F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6661093F-8D22-450F-BC6C-A8894A52E6A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2515DA6D-2E74-4A05-BD29-FEEF3322BCB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"69A1F1F7-E53C-40F3-B3D9-DC011FC353BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A56E96C-6CE5-442C-AA88-F0059B02B5E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"8867F510-201C-4199-8554-53DE156CE669\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"23988132-DD4E-4968-B6B8-954122F76081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B07F7B2-E915-4EFF-8FFC-91143CEF082E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"5764CC97-C866-415D-A3A1-5B5B9E1C06A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82D10D8-2894-4E5B-B47B-F00964DD5CDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B044F2D9-E888-4852-8A40-DCE688860ED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"6423C754-36F9-4680-9211-60940ED63E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3472064A-8C79-436B-965A-96834AE8D346\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p15:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA8ABEB-F955-4D34-8219-C518B49F5543\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8605E4E6-0F7D-42C8-B35B-2349A0BEFC69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6318F97-E59A-4425-8DC7-045C78A644F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"324A573E-DBC8-42A0-8CB8-EDD8FBAB7115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"54151A00-CFB8-4E6A-8E74-497CB67BF7E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DF0E74D-9293-4209-97D1-A3BA13C3DDE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"8922D646-1A97-47ED-91C6-5A426781C98A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"952787C6-9BF1-49FB-9824-1236678E1902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.5:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"898A8679-3C46-4718-9EDF-583ADDFCF2EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6086841-C175-46A1-8414-71C6163A0E7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"E57889CC-3E90-46AF-9CD6-3328DD501AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"47A86566-DE38-4032-947D-B6181F0BC120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7D1D684-CE7E-4D6D-95B5-1F86A8DB6C66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"CABF5BD0-1D06-483D-91D3-A773D99EF217\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A576B1B5-73A2-431E-998F-7E5458B51D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E05F4AC-2A28-47E3-96DE-0E31AF73CD43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A9A62EE-1649-4815-8EC9-7AEF7949EB2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"E58690F9-FA9C-42A0-B4CD-91FD1197A53E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"77D01D8B-1FBC-43CA-90F9-C89D9B4D18F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B83729E-80AF-47CE-A70C-32BF83024A40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.6:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"73D22D42-646D-4955-A6F9-9B7BA63DC0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D04853-0C2F-47DD-A939-3A8F6E22CB7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EBB0608-034B-4F07-A59B-9E6A989BA260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3BF9B08-84E3-4974-9DEB-F4285995D796\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7771BEDB-05E2-430E-B2A2-E2F7574B7114\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E05341A-C70C-4B3D-AF30-9520D6B97D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D98B52E-3B59-4327-AC7E-DDBB0ADA08F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"95026AA9-A28B-4D94-BD77-7628429EBA30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"83FD1220-7D46-42B2-8110-30A934144572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F1439CE-8A3B-414A-B974-559209FF480C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"13726DEE-FFCB-447B-9FFF-136F132F2C4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A9443CE-AE1F-4D66-9C88-5E2E3FD28EE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.7:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E29EF8-2569-4258-A66F-E1E5F621E0D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EE12F4B-5607-4790-A29B-EE23383BCC1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.8:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D05A958-9749-486A-A149-C21647CDCADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.8:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9E12B43-AD3E-48A2-9042-5586186CA3BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.8:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C267AF14-7BA8-4D1F-BCD9-BE3ED0DA3D25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.8:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4947C63-CFD9-437B-A09E-A197DCE40095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.8:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FB6D020-2E5C-4789-A063-2C907F3CF3FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.9:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"37F32F70-7B2A-4BAB-B3F0-AFF5C04CCDED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.9:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B6B7609-6A8E-4154-BC05-2A9099909684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:commerce:2.4.9:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAFF35B5-CA01-40ED-B410-3E3286C370BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:*:*:*:*:open_source:*:*:*\",\"versionEndExcluding\":\"2.4.5\",\"matchCriteriaId\":\"5CA94A87-BA10-4D46-B46D-3DAD379CEEAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"7A41C717-4B9F-4972-ABA3-2294EEC20F3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"3FA80BBC-2DF2-46E1-84CE-8A899415114E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p10:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"783E4AF1-52F3-446B-B003-8079EDA78CBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p11:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"08B7898F-E25A-4D16-A007-6D4543E80C58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p12:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"313CB0C1-2E8C-46AC-B72B-AFA9E0A6E064\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p13:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"E99C1F27-68C9-481F-B01D-8B58B0AFB437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p14:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"D4A3F4C7-8784-43BD-A11B-E66872DD8812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p15:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"6FA6582B-1AA2-4DCD-ADA5-B00C20D18588\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"510B1840-AE77-4BDD-9C09-26C64CC8FC81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"FA1EDF58-8384-48C4-A584-54D24F6F7973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"9D2D9715-3A6B-4BE0-B1C5-8D19A683A083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"1C99B578-5DD6-476D-BB75-4DCAD7F79535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"7C1B2897-79A5-4A5B-9137-7A4B6B85AA84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"B9E8299D-FA97-483A-8E1B-BA7B869E467D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p8:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"9A1B92EC-E83A-43B3-8F14-5C1A52B579B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.5:p9:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"E5F2B6F1-AE8F-4AEE-9AB3-080976AE48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"789BD987-9DAD-4EAE-93DE-0E267D54F124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"A3F113C0-00C5-4BC2-B42B-8AE3756252F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p10:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"AE842CC8-7795-4238-B727-0BA2FFFBF62C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p11:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"AE724531-422D-4ABB-98F5-2C0B1BBEF031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p12:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"BB499397-0E40-45B0-A7E9-BEFCC909DD07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p13:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"0F972E57-B08E-46DF-88F1-A3002F001E83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"02592D65-2D2C-460A-A970-8A18F9B156ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"457B89CF-C75E-4ED6-8603-9C52BA462A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"A572A2DC-2DAB-4ABE-8FC2-5AF2340C826F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"2A2DD9C6-BAF5-4DF5-9C14-3478923B2019\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p6:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"BA9CFC70-24CF-4DFA-AEF9-9B5A9DAF837D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p7:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"2AA0B806-ABB8-4C18-9F9C-8291BE208F52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p8:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"AA9D4DAB-7567-48D7-BE60-2A10B35CFF27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.6:p9:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"A91E797D-63F6-4DE8-869C-AF0133DC6C03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:-:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"0E06FE04-8844-4409-92D9-4972B47C921B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"99C620F3-40ED-4D7F-B6A1-205E948FD6F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:b2:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"FBCFE5FB-FAB7-4BF0-90AE-79F9590FD872\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:beta3:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"7EB4B9C5-513C-4039-8087-5E8880894318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p1:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"9C77154A-DBFE-48C3-A274-03075A0DB040\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p2:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"F5AAC414-623C-444F-9BD5-EE0ACE2B2246\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p3:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"8292888D-B0B0-4DF3-8719-EA4CDCAB39D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p4:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"9830E074-FDCF-41E9-98C7-10C20424EF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p5:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"9D0C8648-B39E-47C7-AA5C-3AFED22F8D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p6:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"082F8B60-ECC5-4C55-BBFE-A0C8A3E95590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p7:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"A7B83AD4-3134-414A-80E3-106C3C0F975A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.7:p8:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"FAA14D5B-ACF2-497B-ACE7-33C42682D2DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.8:-:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"00E8284F-10CD-449C-AEF1-688B8287292F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.8:beta1:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"59C10C74-FDB1-46EC-8F41-F3AC24AEFB7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.8:beta2:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"2957B390-52C5-48D7-A6D7-709BC76B9C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.8:p1:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"524F64B6-F7F7-4926-884F-E9448636007C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.8:p2:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"9F56F919-69B6-4A77-B8CE-F13409542F14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.8:p3:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"F81D46F6-AEA3-4A83-A6F5-2231FD4CEC46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:magento:2.4.9:alpha3:*:*:open_source:*:*:*\",\"matchCriteriaId\":\"D38BAED7-20E6-4750-8E97-829302ED42D2\"}]}]}],\"references\":[{\"url\":\"https://helpx.adobe.com/security/products/magento/apsb26-05.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-21290\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-11T13:44:21.547990Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-11T13:44:24.729Z\"}}], \"cna\": {\"title\": \"Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N\", \"modifiedScope\": \"CHANGED\", \"temporalScore\": 8.7, \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"remediationLevel\": \"NOT_DEFINED\", \"reportConfidence\": \"NOT_DEFINED\", \"temporalSeverity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"environmentalScore\": 8.7, \"privilegesRequired\": \"LOW\", \"exploitCodeMaturity\": \"NOT_DEFINED\", \"integrityRequirement\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NETWORK\", \"confidentialityImpact\": \"HIGH\", \"environmentalSeverity\": \"HIGH\", \"availabilityRequirement\": \"NOT_DEFINED\", \"modifiedIntegrityImpact\": \"HIGH\", \"modifiedUserInteraction\": \"REQUIRED\", \"modifiedAttackComplexity\": \"LOW\", \"confidentialityRequirement\": \"NOT_DEFINED\", \"modifiedAvailabilityImpact\": \"NONE\", \"modifiedPrivilegesRequired\": \"LOW\", \"modifiedConfidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Adobe\", \"product\": \"Adobe Commerce\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.4.4-p16\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2026-03-09T17:00:00.000Z\", \"references\": [{\"url\": \"https://helpx.adobe.com/security/products/magento/apsb26-05.html\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\\u2019s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"Cross-site Scripting (Stored XSS) (CWE-79)\"}]}], \"providerMetadata\": {\"orgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"shortName\": \"adobe\", \"dateUpdated\": \"2026-03-11T02:19:14.251Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-21290\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-12T03:55:22.870Z\", \"dateReserved\": \"2025-12-12T22:01:18.190Z\", \"assignerOrgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"datePublished\": \"2026-03-11T02:19:14.251Z\", \"assignerShortName\": \"adobe\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.