Magento.Address.Field.XSS

description-logoDescription

This indicates an attack attempt against a Cross-Site Scripting vulnerability in Magento.
A user can insert script in the address field, which can potentially introduce a Denial-of-Service vulnerability.

affected-products-logoAffected Products

Magento 2.0 prior to 2.0.18
Magento 2.1 prior to 2.1.12
Magento 2.2 prior to 2.2.3

Impact logoImpact

Denial of Service

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.
https://magento.com/security/patches/magento-223-2112-and-2018-security-update

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)