-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI
PHPPHPMiggo AIRoot Cause AnalysisI have analyzed the provided vulnerability information but was unable to find the specific commits that introduced the patch for the stored XSS vulnerability (CVE-2025-54266). My attempts to compare the vulnerable and patched versions using their release tags did not reveal the individual security fix commits. Without the patch diff, I cannot confidently identify the vulnerable functions and provide the required evidence.
Therefore, I am returning an empty result.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| magento/project-community-edition | composer | <= 2.0.2 | |
| magento/community-edition | composer | >= 2.4.9-alpha1, < 2.4.9-alpha3 | 2.4.9-alpha3 |
| magento/community-edition | composer | >= 2.4.8-beta1, < 2.4.8-p3 | 2.4.8-p3 |
| magento/community-edition | composer | >= 2.4.7-beta1, < 2.4.7-p8 | 2.4.7-p8 |
| magento/community-edition | composer | < 2.4.6-p13 | 2.4.6-p13 |
| magento/community-edition | composer | = 2.4.8 | |
| magento/community-edition | composer | = 2.4.7 | |
| magento/community-edition | composer | = 2.4.6 |
Ongoing coverage of React2Shell