Vigil@nce - Magento 2: multiple vulnerabilities
March 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities were announced in Magento version 2.
Impacted products: Magento CE, Magento EE.
Severity: 2/4.
Creation date: 21/01/2016.
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Magento version 2.
An attacker can trigger a Cross Site Scripting in User Name, in
order to run JavaScript code in the context of the web site.
[severity:2/4]
An attacker can bypass security features in Block Cache, in order
to obtain sensitive information. [severity:2/4]
An attacker can trigger a Cross Site Scripting in Order Comments,
in order to run JavaScript code in the context of the web site.
[severity:2/4]
An attacker can use a SQL injection in Layered Navigation, in
order to read or alter data. [severity:2/4]
An attacker can perform a brute force on Guest Order View, in
order to escalate his privileges. [severity:2/4]
An attacker can trigger a Cross Site Scripting in Custom Options,
in order to run JavaScript code in the context of the web site.
[severity:2/4]
An attacker can bypass security features in Reviews, in order to
escalate his privileges. [severity:2/4]
An attacker can bypass security features of a CAPTCHA, in order to
escalate his privileges. [severity:2/4]
An attacker can trigger a Cross Site Scripting in Cookie Header,
in order to run JavaScript code in the context of the web site.
[severity:2/4]
An attacker can trigger a Cross Site Request Forgery in Delete
Items from Cart, in order to force the victim to perform
operations. [severity:2/4]
An attacker can inject code in the database, in order to escalate
his privileges. [severity:1/4]
An attacker can bypass security features of the MaliciousCode
Filter, in order to escalate his privileges. [severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Magento-2-multiple-vulnerabilities-18782