Multiple XSS Vulnerabilities in Form Builder 2.1.0 for Magento

Multiple XSS Vulnerabilities in Form Builder 2.1.0 for Magento

CVE-2020-13423 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header.

Learn more about our User Device Pen Test.