Adobe Commerce and Magento Open Source Open Redirect Vulnerability

Vulnerability

A URL redirection to an untrusted site vulnerability, also known as an open redirect, has been identified in Adobe Commerce and Magento Open Source. It affects Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier, as well as Magento Open Source versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15 and earlier. An attacker can use the vulnerability to redirect users to malicious websites; exploitation requires user interaction.

Impact

Exploitation of this vulnerability could lead to users being redirected to malicious websites.

Remediation

Users are advised to update to Adobe Commerce version 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16 or 2.4.4-p17. For Magento Open Source, users should update to version 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14 or 2.4.5-p16.
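To triage an inventory against the version lists above, the following Python check is an added example and is not part of the original advisory or of Adobe's tooling. It assumes version strings of the form shown on this page and that suffixes on one release line order as alphaN < betaN < GA < pN; the names `FIXED`, `parse` and `assess` are hypothetical.

```python
import re

# First fixed release on each release line, copied from the Remediation section.
FIXED = {
    "commerce": ["2.4.9-beta1", "2.4.8-p4", "2.4.7-p9",
                 "2.4.6-p14", "2.4.5-p16", "2.4.4-p17"],
    "open-source": ["2.4.9-beta1", "2.4.8-p4", "2.4.7-p9",
                    "2.4.6-p14", "2.4.5-p16"],
}

# Assumed suffix order within one release line: alphaN < betaN < GA < pN.
STAGE = {"alpha": 0, "beta": 1, None: 2, "p": 3}
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(alpha|beta|p)(\d+))?$")


def parse(version):
    """Split '2.4.7-p8' into ((2, 4, 7), (3, 8)) so tuples compare correctly."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognized version string: {version!r}")
    major, minor, patch, stage, n = m.groups()
    return (int(major), int(minor), int(patch)), (STAGE[stage], int(n or 0))


def assess(edition, version):
    """Return (status, upgrade_target) for an installed version."""
    line, suffix = parse(version)
    fixed = {}
    for v in FIXED[edition]:
        fixed_line, fixed_suffix = parse(v)
        fixed[fixed_line] = (fixed_suffix, v)
    if line in fixed:
        fixed_suffix, target = fixed[line]
        return ("fixed", None) if suffix >= fixed_suffix else ("affected", target)
    if line < min(fixed):
        # "and earlier": no fix is listed on this line, so point at the
        # oldest line that has one.
        return "affected", fixed[min(fixed)][1]
    # Newer than, or between, the listed lines: the advisory does not say.
    return "not-listed", None


if __name__ == "__main__":
    # Constructed sample inventory, not taken from the advisory.
    for edition, version in [("commerce", "2.4.7-p8"), ("open-source", "2.4.4-p16"),
                             ("commerce", "2.4.8-p4"), ("open-source", "2.4.9-alpha3")]:
        print(edition, version, *assess(edition, version))
```

A GA release with no suffix, such as 2.4.8, sorts below every `-pN` patch on its line and is therefore reported as affected.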

Added: Mar 11, 2026, 3:23 AM
Updated: Mar 11, 2026, 3:23 AM

Vulnerability Rating

Custom Algorithm

spread: 6.4
impact: 0.2
exploitability: 6.4
remediation: 7.7
relevance: 3.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.