Adobe 2.4.0-2.4.5 security hotfix

Adobe 2.4.0-2.4.5 security hotfix for Adobe Commerce and Magento Open Source.

Important: Released on October 11 2022 the security hotfix includes an update that resolves a Cross-site Scripting vulnerability tracked by CVE-2022-35698.

No exploits have have reported but it is recommended that the patch is applied ASAP.

Below is a list of all affected products and versions:

  • 2.4.5
  • 2.4.4, 2.4.4-p1
  • 2.4.3-p2, 2.4.3-p3
  • 2.4.3-p1 and below 2.4.3-p1 are not affected if all applicable security hotfixes are applied

Please note: the hotfix will prevent the above mentioned vulnerability but it is always recommended to upgrade to the latest version of Magento.

Patches and installation instructions can be found here.