EPSS
Percentile
35.9%
magento/community-edition is vulnerable to information disclosure. The vulnerability exists as the samples of disabled downloadable products are accessible due to the lack of user input sanitization.
magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23