CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1251 vulnerabilities reference this CWE, most recent first.
GHSA-6WM6-MV83-V9QJ
Vulnerability from github – Published: 2022-07-05 00:00 – Updated: 2022-07-13 00:01Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
{
"affected": [],
"aliases": [
"CVE-2022-29471"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-04T07:15:00Z",
"severity": "MODERATE"
},
"details": "Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.",
"id": "GHSA-6wm6-mv83-v9qj",
"modified": "2022-07-13T00:01:53Z",
"published": "2022-07-05T00:00:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29471"
},
{
"type": "WEB",
"url": "https://cs.cybozu.co.jp/2022/007429.html"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/jp/JVN73897863/index.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6WRH-279J-6HVW
Vulnerability from github – Published: 2022-03-10 17:55 – Updated: 2022-03-18 20:15Impact
HTTP caching is marking private HTTP headers as public
Patches
Fixed in recommend updating to the current version 6.4.8.2. You can get the update to 6.4.8.2 regularly via the Auto-Updater or directly via the download overview.
https://www.shopware.com/en/download/#shopware-6
Workarounds
For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.4.8.1"
},
"package": {
"ecosystem": "Packagist",
"name": "shopware/platform"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.4.8.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.4.8.1"
},
"package": {
"ecosystem": "Packagist",
"name": "shopware/core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.4.8.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.4.8.1"
},
"package": {
"ecosystem": "Packagist",
"name": "shopware/storefront"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.4.8.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24747"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2022-03-10T17:55:21Z",
"nvd_published_at": "2022-03-09T23:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nHTTP caching is marking private HTTP headers as public\n\n## Patches\nFixed in recommend updating to the current version 6.4.8.2. You can get the update to 6.4.8.2 regularly via the Auto-Updater or directly via the download overview.\n\nhttps://www.shopware.com/en/download/#shopware-6\n\n## Workarounds\nFor older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.",
"id": "GHSA-6wrh-279j-6hvw",
"modified": "2022-03-18T20:15:05Z",
"published": "2022-03-10T17:55:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/shopware/platform/security/advisories/GHSA-6wrh-279j-6hvw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24747"
},
{
"type": "WEB",
"url": "https://github.com/shopware/platform/commit/d51863148f32306aafdbc7f9f48887c69fce206f"
},
{
"type": "WEB",
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-03-2022"
},
{
"type": "PACKAGE",
"url": "https://github.com/shopware/platform"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "HTTP caching is marking private HTTP headers as public in Shopware"
}
GHSA-6X2V-HVX7-M5X7
Vulnerability from github – Published: 2022-07-24 00:00 – Updated: 2022-07-28 00:00Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2022-1137"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-23T00:15:00Z",
"severity": "MODERATE"
},
"details": "Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.",
"id": "GHSA-6x2v-hvx7-m5x7",
"modified": "2022-07-28T00:00:48Z",
"published": "2022-07-24T00:00:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1137"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1289846"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-25"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6XXC-4JC4-7JV3
Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2025-05-14 19:17Liferay Portal 7.2.0 through 7.3.2, and Liferay DXP 7.2 before fix pack 9, allows access to Cross-origin resource sharing (CORS) protected resources if the user is only authenticated using the portal session authentication, which allows remote attackers to obtain sensitive information including the targeted user’s email address and current CSRF token.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.liferay.portal:release.portal.bom"
},
"ranges": [
{
"events": [
{
"introduced": "7.2.0"
},
{
"fixed": "7.3.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-33330"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2023-08-09T13:17:26Z",
"nvd_published_at": "2021-08-03T19:15:00Z",
"severity": "MODERATE"
},
"details": "Liferay Portal 7.2.0 through 7.3.2, and Liferay DXP 7.2 before fix pack 9, allows access to Cross-origin resource sharing (CORS) protected resources if the user is only authenticated using the portal session authentication, which allows remote attackers to obtain sensitive information including the targeted user\u2019s email address and current CSRF token.",
"id": "GHSA-6xxc-4jc4-7jv3",
"modified": "2025-05-14T19:17:39Z",
"published": "2022-05-24T22:28:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33330"
},
{
"type": "WEB",
"url": "https://issues.liferay.com/browse/LPE-17127"
},
{
"type": "WEB",
"url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120747720"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Exposure of Resource to Wrong Sphere in Liferay Portal"
}
GHSA-72C2-P2MR-MQR3
Vulnerability from github – Published: 2022-06-17 00:01 – Updated: 2022-06-29 00:00An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.
{
"affected": [],
"aliases": [
"CVE-2020-25459"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-16T21:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.",
"id": "GHSA-72c2-p2mr-mqr3",
"modified": "2022-06-29T00:00:27Z",
"published": "2022-06-17T00:01:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25459"
},
{
"type": "WEB",
"url": "https://github.com/FederatedAI/FATE/commit/6feccf6d752184a6f9365d56a76fe627983e7139"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-72V5-4C4W-2CHJ
Vulnerability from github – Published: 2022-05-24 16:48 – Updated: 2024-04-04 01:01A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access.
{
"affected": [],
"aliases": [
"CVE-2019-1848"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-20T03:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access.",
"id": "GHSA-72v5-4c4w-2chj",
"modified": "2024-04-04T01:01:52Z",
"published": "2022-05-24T16:48:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1848"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-dnac-bypass"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108837"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-73R4-PGGG-5F69
Vulnerability from github – Published: 2022-04-30 18:16 – Updated: 2025-04-03 03:43Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.
{
"affected": [],
"aliases": [
"CVE-2001-0892"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2001-11-13T05:00:00Z",
"severity": "MODERATE"
},
"details": "Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.",
"id": "GHSA-73r4-pggg-5f69",
"modified": "2025-04-03T03:43:51Z",
"published": "2022-04-30T18:16:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2001-0892"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=100568999726036\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.acme.com/software/thttpd"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-74V5-X8GW-Q8F8
Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-28 00:00An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A user may be able to view sensitive user information.
{
"affected": [],
"aliases": [
"CVE-2022-26707"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in macOS Monterey 12.4. A user may be able to view sensitive user information.",
"id": "GHSA-74v5-x8gw-q8f8",
"modified": "2022-09-28T00:00:25Z",
"published": "2022-09-25T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26707"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213257"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7523-XCC2-M3RM
Vulnerability from github – Published: 2023-11-14 18:30 – Updated: 2023-11-14 18:30Open Management Infrastructure Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-36043"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-14T18:15:34Z",
"severity": "MODERATE"
},
"details": "Open Management Infrastructure Information Disclosure Vulnerability",
"id": "GHSA-7523-xcc2-m3rm",
"modified": "2023-11-14T18:30:28Z",
"published": "2023-11-14T18:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36043"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36043"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7563-75J9-6H5P
Vulnerability from github – Published: 2022-03-14 22:26 – Updated: 2022-03-15 21:47Impact
Any other user can view the data if the browser tab remains open after logging out. Once someone logs out and leaves the browser open, the potential attacker may use the back button to see the content exposed on given screens. No action may be performed though, and any website refresh will block further reads. It may, however, lead to a data leak, like for example customer details, payment gateway configuration, etc.- but only if these were pages checked by the administrator.
This vulnerability requires full access to the computer to take advantage of it.
Patches
The issue is fixed in versions: 1.9.10, 1.10.11, 1.11.2 and above.
Workarounds
The application must strictly redirect to the login page even when the browser back button is pressed. Another possibility is to set more strict cache policies for restricted content (like no-store). It can be achieved with the following class:
<?php
declare(strict_types=1);
namespace App\EventListener;
use App\SectionResolver\ShopCustomerAccountSubSection;
use Sylius\Bundle\AdminBundle\SectionResolver\AdminSection;
use Sylius\Bundle\CoreBundle\SectionResolver\SectionProviderInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;
final class CacheControlSubscriber implements EventSubscriberInterface
{
/** @var SectionProviderInterface */
private $sectionProvider;
public function __construct(SectionProviderInterface $sectionProvider)
{
$this->sectionProvider = $sectionProvider;
}
public static function getSubscribedEvents(): array
{
return [
KernelEvents::RESPONSE => 'setCacheControlDirectives',
];
}
public function setCacheControlDirectives(ResponseEvent $event): void
{
if (
!$this->sectionProvider->getSection() instanceof AdminSection &&
!$this->sectionProvider->getSection() instanceof ShopCustomerAccountSubSection
) {
return;
}
$response = $event->getResponse();
$response->headers->addCacheControlDirective('no-cache', true);
$response->headers->addCacheControlDirective('max-age', '0');
$response->headers->addCacheControlDirective('must-revalidate', true);
$response->headers->addCacheControlDirective('no-store', true);
}
}
After that register service in the container:
services:
App\EventListener\CacheControlSubscriber:
arguments: ['@sylius.section_resolver.uri_based_section_resolver']
tags:
- { name: kernel.event_subscriber, event: kernel.response }
The code above requires changes in ShopUriBasedSectionResolver in order to work. To backport mentioned logic, you need to replace the Sylius\Bundle\ShopBundle\SectionResolver\ShopUriBasedSectionResolver class with:
<?php
declare(strict_types=1);
namespace App\SectionResolver;
use Sylius\Bundle\CoreBundle\SectionResolver\SectionInterface;
use Sylius\Bundle\CoreBundle\SectionResolver\UriBasedSectionResolverInterface;
use Sylius\Bundle\ShopBundle\SectionResolver\ShopSection;
final class ShopUriBasedSectionResolver implements UriBasedSectionResolverInterface
{
/** @var string */
private $shopCustomerAccountUri;
public function __construct(string $shopCustomerAccountUri = 'account')
{
$this->shopCustomerAccountUri = $shopCustomerAccountUri;
}
public function getSection(string $uri): SectionInterface
{
if (str_contains($uri, $this->shopCustomerAccountUri)) {
return new ShopCustomerAccountSubSection();
}
return new ShopSection();
}
}
services:
sylius.section_resolver.shop_uri_based_section_resolver:
class: App\SectionResolver\ShopUriBasedSectionResolver
tags:
- { name: sylius.uri_based_section_resolver, priority: -10 }
You also need to define a new subsection for the Customer Account that is used in the above services:
<?php
declare(strict_types=1);
namespace App\SectionResolver;
use Sylius\Bundle\ShopBundle\SectionResolver\ShopSection;
class ShopCustomerAccountSubSection extends ShopSection
{
}
References
- Originally published at https://huntr.dev/
For more information
If you have any questions or comments about this advisory: * Open an issue in Sylius issues * Email us at security@sylius.com
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "sylius/sylius"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "sylius/sylius"
},
"ranges": [
{
"events": [
{
"introduced": "1.10"
},
{
"fixed": "1.10.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "sylius/sylius"
},
"ranges": [
{
"events": [
{
"introduced": "1.11"
},
{
"fixed": "1.11.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-24742"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-213",
"CWE-668"
],
"github_reviewed": true,
"github_reviewed_at": "2022-03-14T22:26:58Z",
"nvd_published_at": "2022-03-14T20:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nAny other user can view the data if the browser tab remains open after logging out. Once someone logs out and leaves the browser open, the potential attacker may use the back button to see the content exposed on given screens. No action may be performed though, and any website refresh will block further reads. It may, however, lead to a data leak, like for example customer details, payment gateway configuration, etc.- but only if these were pages checked by the administrator. \n\nThis vulnerability requires full access to the computer to take advantage of it.\n\n### Patches\nThe issue is fixed in versions: 1.9.10, 1.10.11, 1.11.2 and above.\n\n### Workarounds\nThe application must strictly redirect to the login page even when the browser back button is pressed. Another possibility is to set more strict cache policies for restricted content (like no-store). It can be achieved with the following class:\n\n```php\n\u003c?php\n\ndeclare(strict_types=1);\n\nnamespace App\\EventListener;\n\nuse App\\SectionResolver\\ShopCustomerAccountSubSection;\nuse Sylius\\Bundle\\AdminBundle\\SectionResolver\\AdminSection;\nuse Sylius\\Bundle\\CoreBundle\\SectionResolver\\SectionProviderInterface;\nuse Symfony\\Component\\EventDispatcher\\EventSubscriberInterface;\nuse Symfony\\Component\\HttpKernel\\Event\\ResponseEvent;\nuse Symfony\\Component\\HttpKernel\\KernelEvents;\n\nfinal class CacheControlSubscriber implements EventSubscriberInterface\n{\n /** @var SectionProviderInterface */\n private $sectionProvider;\n\n public function __construct(SectionProviderInterface $sectionProvider)\n {\n $this-\u003esectionProvider = $sectionProvider;\n }\n\n public static function getSubscribedEvents(): array\n {\n return [\n KernelEvents::RESPONSE =\u003e \u0027setCacheControlDirectives\u0027,\n ];\n }\n\n public function setCacheControlDirectives(ResponseEvent $event): void\n {\n if (\n !$this-\u003esectionProvider-\u003egetSection() instanceof AdminSection \u0026\u0026\n !$this-\u003esectionProvider-\u003egetSection() instanceof ShopCustomerAccountSubSection\n ) {\n return;\n }\n\n $response = $event-\u003egetResponse();\n\n $response-\u003eheaders-\u003eaddCacheControlDirective(\u0027no-cache\u0027, true);\n $response-\u003eheaders-\u003eaddCacheControlDirective(\u0027max-age\u0027, \u00270\u0027);\n $response-\u003eheaders-\u003eaddCacheControlDirective(\u0027must-revalidate\u0027, true);\n $response-\u003eheaders-\u003eaddCacheControlDirective(\u0027no-store\u0027, true);\n }\n}\n```\n\nAfter that register service in the container:\n\n```yaml\nservices:\n App\\EventListener\\CacheControlSubscriber:\n arguments: [\u0027@sylius.section_resolver.uri_based_section_resolver\u0027]\n tags:\n - { name: kernel.event_subscriber, event: kernel.response }\n```\n\nThe code above requires changes in `ShopUriBasedSectionResolver` in order to work. To backport mentioned logic, you need to replace the `Sylius\\Bundle\\ShopBundle\\SectionResolver\\ShopUriBasedSectionResolver` class with:\n\n```php\n\u003c?php\n\ndeclare(strict_types=1);\n\nnamespace App\\SectionResolver;\n\nuse Sylius\\Bundle\\CoreBundle\\SectionResolver\\SectionInterface;\nuse Sylius\\Bundle\\CoreBundle\\SectionResolver\\UriBasedSectionResolverInterface;\nuse Sylius\\Bundle\\ShopBundle\\SectionResolver\\ShopSection;\n\nfinal class ShopUriBasedSectionResolver implements UriBasedSectionResolverInterface\n{\n /** @var string */\n private $shopCustomerAccountUri;\n\n public function __construct(string $shopCustomerAccountUri = \u0027account\u0027)\n {\n $this-\u003eshopCustomerAccountUri = $shopCustomerAccountUri;\n }\n\n public function getSection(string $uri): SectionInterface\n {\n if (str_contains($uri, $this-\u003eshopCustomerAccountUri)) {\n return new ShopCustomerAccountSubSection();\n }\n\n return new ShopSection();\n }\n}\n```\n\n```yaml\nservices:\n sylius.section_resolver.shop_uri_based_section_resolver:\n class: App\\SectionResolver\\ShopUriBasedSectionResolver\n tags:\n - { name: sylius.uri_based_section_resolver, priority: -10 }\n```\n\nYou also need to define a new subsection for the Customer Account that is used in the above services:\n\n```php\n\u003c?php\n\ndeclare(strict_types=1);\n\nnamespace App\\SectionResolver;\n\nuse Sylius\\Bundle\\ShopBundle\\SectionResolver\\ShopSection;\n\nclass ShopCustomerAccountSubSection extends ShopSection\n{\n}\n```\n\n### References\n* Originally published at https://huntr.dev/\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Sylius issues](https://github.com/Sylius/Sylius/issues)\n* Email us at security@sylius.com\n",
"id": "GHSA-7563-75j9-6h5p",
"modified": "2022-03-15T21:47:08Z",
"published": "2022-03-14T22:26:58Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24742"
},
{
"type": "PACKAGE",
"url": "https://github.com/Sylius/Sylius"
},
{
"type": "WEB",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"type": "WEB",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"type": "WEB",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Sensitive Information Exposure in Sylius"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.