CVE-2023-29293: Magento Open Source affected by Improper Input Validation
2.7
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.08598%
CWE
Published
6/15/2023
Updated
3/4/2025
KEV Status
No
Technology
PHP
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| magento/community-edition | composer | = 2.4.6 | |
| magento/community-edition | composer | = 2.4.5 | |
| magento/community-edition | composer | = 2.4.4 | |
| magento/community-edition | composer | >= 2.4.5-p1, < 2.4.5-p3 | 2.4.5-p3 |
| magento/community-edition | composer | >= 2.4.4-p1, < 2.4.4-p4 | 2.4.4-p4 |
| magento/project-community-edition | composer | <= 2.0.2 |