Intrusion Prevention

Magento.Address.Field.XSS

Description

This indicates an attack attempt against a Cross-Site Scripting vulnerability in Magento.
A user can insert script in the address field, which can potentially introduce a Denial-of-Service vulnerability.

Affected Products

Magento 2.0 prior to 2.0.18
Magento 2.1 prior to 2.1.12
Magento 2.2 prior to 2.2.3

Impact

Denial of Service

Recommended Actions

Apply the latest update from the vendor.
https://magento.com/security/patches/magento-223-2112-and-2018-security-update