PT-2026-24559 · Adobe · Commerce
Published
2026-03-10
·
Updated
2026-03-11
·
CVE-2026-21295
CVSS v3.1
3.1
Low
| Vector | AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Commerce versions 2.4.4-p16 through 2.4.9-alpha3
Description
The software is susceptible to a URL Redirection to Untrusted Site issue, also known as an 'Open Redirect'. An attacker could potentially redirect users to malicious websites. User interaction is required for successful exploitation.
Recommendations
Adobe Commerce versions prior to 2.4.4-p16 should be updated.
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Commerce