更新: 2423 个文件 - 2026-03-18 14:23:01

08-threat-intel/registry/advisories/magento-open-source--b2f601bd6e.json

@@ -0,0 +1,59 @@
+{
+  "canonical_id": "magento-open-source--b2f601bd6e",
+  "system_id": "magento-open-source",
+  "display_name": "Magento Open Source",
+  "category": "ecommerce",
+  "advisory_mode": "extension",
+  "title": "Critical Magento 2 flaw exploited within 16 hours   2019-05-10  The number of hacked Magento 2 stores spiked in the last four weeks, after a critical security flaw was discovered in March and criminals stole admin passwords within 16 hours. Merchants are advised to implement emergency measures, even if they had already patched. Update June 12th: While there w...   skimming",
+  "summary": "",
+  "published_at": null,
+  "updated_at": null,
+  "severity": "unknown",
+  "cvss_score": null,
+  "exploit_status": "unknown",
+  "source_confidence": "ecosystem-authority",
+  "official_source_url": "https://sansec.io/research/magento-2-hacks",
+  "secondary_source_urls": [],
+  "aliases": [],
+  "cve_ids": [],
+  "ghsa_ids": [],
+  "osv_ids": [],
+  "affected_versions": [],
+  "fixed_versions": [],
+  "package_name": null,
+  "render_markdown": false,
+  "case_path": null,
+  "secure_code_topics": [
+    "authz-server-side-recheck",
+    "file-upload-validation",
+    "plugin-extension-trust-policy"
+  ],
+  "status": "triage",
+  "triage_reasons": [
+    "missing affected/fixed version details"
+  ],
+  "verification_status": "triage-manual",
+  "verification_mode": "synthetic",
+  "last_verified_at": null,
+  "last_run_id": null,
+  "evidence_bundle": null,
+  "historical_status": null,
+  "latest_status": null,
+  "browser_evidence": {
+    "required": false,
+    "present": false,
+    "refs": []
+  },
+  "repro_profile_id": "plugin-extension-generic",
+  "artifact_mode": "synthetic",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "Sansec Research"
+    ],
+    "source_kinds": [
+      "html-links"
+    ],
+    "candidate_count": 1
+  }
+}