Magentocommerce Magento — known CVE vulnerabilities
Every CVE whose affected-product data names Magentocommerce Magento, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2012-6091 — CVSS 7.5 (high): Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability.
CVE-2011-5240 — CVSS 5.8 (medium): Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName…