openmage/magento-lts Security Advisories for v20.10.1 (2)
-
[MEDIUM] OpenMage vulnerable to XSS in Admin Notifications
PKSA-t425-mpgn-4yhs CVE-2025-64174 GHSA-qv78-c8hc-438r
Affected version: <20.16.0
Reported by:
GitHub -
[LOW] Magento LTS vulnerable to stored XSS in theme config fields
PKSA-626k-1yg1-m164 CVE-2025-27400 GHSA-5pxh-89cx-4668
Affected version: <20.12.3
Reported by:
GitHub