title: 'PRODSECBUG-2412: Cross-Site Scripting via Location Name' link: 'https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update' cve: CVE-2019-8138 branches: '2.2': time: '2019-10-08 00:00:00' versions: ['>=2.2', '<2.2.10'] '2.3': time: '2019-10-08 00:00:00' versions: ['>=2.3', '<2.3.2-p2'] reference: 'composer://magento/product-community-edition' composer-repository: false
info at phpclasses dot org