Magento User Info Cross Site Scripting
Posted on 07 March 2018
Magento suffers from user information related cross site scripting vulnerabilities. Versions affected include Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, and Magento 2.2 prior to 2.2.3.