Approved changes feed: RSS · Atom

cpe:2.3:a:amasty:amasty_blog_pro:*:*:*:*:*:magento_2:*:*

part: a version: * update: *

VendorAmasty (4d348252-c9fe-58fd-89f1-680da1749c8d)
ProductAmasty Blog Pro (678500d4-6681-53ed-b6ae-0a1e51a302e6)
Edition*
Language*
Software edition*
Target softwaremagento_2
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-36433 vulnerable 2026-06-08 05:46:07.412712 Details available
The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save.
Published: 2022-11-29T00:00:00.000Z
Updated: 2025-04-25T14:56:39.460Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.