CVE-2025-64174 | OpenMage magento-lts up to 20.15.0 Actions.php cross site scripting

A vulnerability was found in OpenMage magento-lts up to 20.15.0 and classified as problematic. This affects an unknown part of the file app/code/core/Mage/Adminhtml/Block/Notification/Grid/Renderer/Actions.php. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-64174. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More