Tisha Jhanwar
Reputation: 1
Automatic script is being injected in CMS Block in Magento 2.4.6
In my magento 2 automatic script is being injected in CMS blocks. Even after removing it, when the page loads it gets inserted again. What could be the reason. Magento_CSP module is already enabled
Upvotes: 0
Views: 53
Answers (1)
nil108
Reputation: 1
It is look like CosmicSting attacks. See here https://sansec.io/research/cosmicsting-hitting-major-stores
Magento patch here for it.
Upvotes: 0
Related Questions
- How can I force clients to refresh JavaScript files?
- Script Tag - async & defer
- Node.js heap out of memory
- SyntaxError: Cannot use import statement outside a module
- When to use JSX.Element vs ReactNode vs ReactElement?
- JWT (JSON Web Token) automatic prolongation of expiration
- Custom Date Fields in CMS Block in magento 2
- Should CSS always precede JavaScript?
- How should I ethically approach user password storage for later plaintext retrieval?
- Magento - Display Same Block Multiple Times on CMS Page