CVE-2016-10704 (MEDIUM) CVSS 6.1

🟡 Severity: MEDIUM (CVSS 6.1)

Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503.

Published: 2017-12-30
Last Modified: 2026-05-13 ⚠️

References:

• magento.com/security/…
• magento.com/security/…

View Full CVE Details on NIST NVD →