Search criteria
65 vulnerabilities by Shopware
CVE-2025-67648 (GCVE-0-2025-67648)
Vulnerability from cvelistv5 – Published: 2025-12-10 23:55 – Updated: 2025-12-11 19:00
VLAI?
Summary
Shopware is an open commerce platform. Versions 6.4.6.0 through 6.6.10.9 and 6.7.0.0 through 6.7.5.0 have a Reflected XSS vulnerability in AuthController.php. A request parameter from the login page URL is directly rendered within the Twig template of the Storefront login page without further processing or input validation. This allows direct code injection into the template via the URL parameter, waitTime, which lacks proper input validation. This issue is fixed in versions 6.6.10.10 and 6.7.5.1.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T18:59:56.527334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T19:00:14.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.4.6.0, \u003c 6.6.10.10"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Versions 6.4.6.0 through 6.6.10.9 and 6.7.0.0 through 6.7.5.0 have a Reflected XSS vulnerability in AuthController.php. A request parameter from the login page URL is directly rendered within the Twig template of the Storefront login page without further processing or input validation. This allows direct code injection into the template via the URL parameter, waitTime, which lacks proper input validation. This issue is fixed in versions 6.6.10.10 and 6.7.5.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T23:55:10.060Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-6w82-v552-wjw2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6w82-v552-wjw2"
},
{
"name": "https://github.com/shopware/shopware/commit/c9242c02c84595d9fa3e2adf6a264bc90a657b58",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/c9242c02c84595d9fa3e2adf6a264bc90a657b58"
}
],
"source": {
"advisory": "GHSA-6w82-v552-wjw2",
"discovery": "UNKNOWN"
},
"title": "Shopware\u0027s inproper input validation can lead to Reflected XSS through Storefront Login Page"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-67648",
"datePublished": "2025-12-10T23:55:10.060Z",
"dateReserved": "2025-12-09T18:36:41.331Z",
"dateUpdated": "2025-12-11T19:00:14.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7954 (GCVE-0-2025-7954)
Vulnerability from cvelistv5 – Published: 2025-08-06 07:16 – Updated: 2025-11-03 20:07
VLAI?
Summary
A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.
Severity ?
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Credits
Timo Müller
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7954",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T14:38:04.938690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T14:38:24.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/shopware/shopware/issues/11245"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:07:42.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Aug/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Shopware",
"vendor": "Shopware",
"versions": [
{
"status": "affected",
"version": "6.6.x"
},
{
"status": "affected",
"version": "6.7.x"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The attacker needs a one-time use voucher code."
}
],
"value": "The attacker needs a one-time use voucher code."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Timo M\u00fcller"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA race condition vulnerability has been identified in Shopware\u0027s voucher system of Shopware\u0026nbsp;v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.\u003c/span\u003e\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "A race condition vulnerability has been identified in Shopware\u0027s voucher system of Shopware\u00a0v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations."
}
],
"impacts": [
{
"capecId": "CAPEC-29",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-06T07:22:17.134Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/shopware/shopware/issues/11245"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Race Condition in Shopware Voucher Submission",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not use one-time voucher codes until issue is fixed."
}
],
"value": "Do not use one-time voucher codes until issue is fixed."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-7954",
"datePublished": "2025-08-06T07:16:09.712Z",
"dateReserved": "2025-07-21T10:26:59.855Z",
"dateUpdated": "2025-11-03T20:07:42.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-51541 (GCVE-0-2025-51541)
Vulnerability from cvelistv5 – Published: 2025-08-05 00:00 – Updated: 2025-08-07 14:03
VLAI?
Summary
A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize user-supplied input before rendering it in the browser, allowing an attacker to inject malicious JavaScript. This vulnerability can be exploited via a Cross-Site Request Forgery (CSRF) attack due to the absence of CSRF protections on the POST request. An unauthenticated remote attacker can craft a malicious web page that, when visited by a victim, stores the payload persistently in the installation configuration. As a result, the payload executes whenever any user subsequently accesses the vulnerable installation page, leading to persistent client-side code execution.
Severity ?
6.1 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-51541",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T14:03:08.812097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T14:03:50.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/anonx-hunter/a7ef32a01d7d888413b08bf8589fdd7e#file-cve-2025-51541-shopware-xss-md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize user-supplied input before rendering it in the browser, allowing an attacker to inject malicious JavaScript. This vulnerability can be exploited via a Cross-Site Request Forgery (CSRF) attack due to the absence of CSRF protections on the POST request. An unauthenticated remote attacker can craft a malicious web page that, when visited by a victim, stores the payload persistently in the installation configuration. As a result, the payload executes whenever any user subsequently accesses the vulnerable installation page, leading to persistent client-side code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T19:43:27.688Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.dax-tokaido.com/recovery/install/database-configuration/"
},
{
"url": "https://gist.github.com/anonx-hunter/a7ef32a01d7d888413b08bf8589fdd7e#file-cve-2025-51541-shopware-xss-md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-51541",
"datePublished": "2025-08-05T00:00:00.000Z",
"dateReserved": "2025-06-16T00:00:00.000Z",
"dateUpdated": "2025-08-07T14:03:50.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27892 (GCVE-0-2025-27892)
Vulnerability from cvelistv5 – Published: 2025-04-15 00:00 – Updated: 2025-04-16 18:32
VLAI?
Summary
Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression.
Severity ?
6.8 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-27892",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T14:51:41.581388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T18:32:23.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T21:07:04.588Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-8g35-7rmw-7f59"
},
{
"url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2025-001/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-27892",
"datePublished": "2025-04-15T00:00:00.000Z",
"dateReserved": "2025-03-10T00:00:00.000Z",
"dateUpdated": "2025-04-16T18:32:23.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32378 (GCVE-0-2025-32378)
Vulnerability from cvelistv5 – Published: 2025-04-09 15:37 – Updated: 2025-04-09 20:46
VLAI?
Summary
Shopware is an open source e-commerce software platform. Prior to 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-in for registered customers set to disabled, and Log-in & sign-up: Double opt-in on sign-up set to disabled. With these settings, anyone can register an account on the shop using any e-mail-address and then check the check-box in the account page to sign up for the newsletter. The recipient will receive two mails confirming registering and signing up for the newsletter, no confirmation link needed to be clicked for either. In the backend the recipient is set to “instantly active”. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17.
Severity ?
CWE
- CWE-799 - Improper Control of Interaction Frequency
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T17:32:57.312691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:46:25.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.8.17"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c 6.6.10.3"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0-rc1, \u003c 6.7.0.0-rc2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software platform. Prior to 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-in for registered customers set to disabled, and Log-in \u0026 sign-up: Double opt-in on sign-up set to disabled. With these settings, anyone can register an account on the shop using any e-mail-address and then check the check-box in the account page to sign up for the newsletter. The recipient will receive two mails confirming registering and signing up for the newsletter, no confirmation link needed to be clicked for either. In the backend the recipient is set to \u201cinstantly active\u201d. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "CWE-799: Improper Control of Interaction Frequency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T15:37:44.010Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-4h9w-7vfp-px8m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-4h9w-7vfp-px8m"
}
],
"source": {
"advisory": "GHSA-4h9w-7vfp-px8m",
"discovery": "UNKNOWN"
},
"title": "Shopware\u0027s default newsletter opt-in settings allow for mass sign-up abuse"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32378",
"datePublished": "2025-04-09T15:37:44.010Z",
"dateReserved": "2025-04-06T19:46:02.461Z",
"dateUpdated": "2025-04-09T20:46:25.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30150 (GCVE-0-2025-30150)
Vulnerability from cvelistv5 – Published: 2025-04-08 13:46 – Updated: 2025-04-08 18:46
VLAI?
Summary
Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates clearly that there is no account for this customer. In contrast you get a success response if the account was found. This vulnerability is fixed in Shopware 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
Severity ?
CWE
- CWE-204 - Observable Response Discrepancy
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T18:45:06.362334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:46:21.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.8.17"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c 6.6.10.3"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0-rc1, \u003c 6.7.0.0-rc2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates clearly that there is no account for this customer. In contrast you get a success response if the account was found. This vulnerability is fixed in Shopware 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T13:46:44.823Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-hh7j-6x3q-f52h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-hh7j-6x3q-f52h"
}
],
"source": {
"advisory": "GHSA-hh7j-6x3q-f52h",
"discovery": "UNKNOWN"
},
"title": "Shopware 6 allows attackers to check for registered accounts through the store-api"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-30150",
"datePublished": "2025-04-08T13:46:44.823Z",
"dateReserved": "2025-03-17T12:41:42.565Z",
"dateUpdated": "2025-04-08T18:46:21.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30151 (GCVE-0-2025-30151)
Vulnerability from cvelistv5 – Published: 2025-04-08 13:46 – Updated: 2025-04-08 18:47
VLAI?
Summary
Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T18:47:17.395503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:47:54.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.8.17"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c 6.6.10.3"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0-rc1, \u003c 6.7.0.0-rc2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. It\u0027s possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T13:46:30.629Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-cgfj-hj93-rmh2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-cgfj-hj93-rmh2"
}
],
"source": {
"advisory": "GHSA-cgfj-hj93-rmh2",
"discovery": "UNKNOWN"
},
"title": "Shopware allows Denial Of Service via password length"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-30151",
"datePublished": "2025-04-08T13:46:30.629Z",
"dateReserved": "2025-03-17T12:41:42.565Z",
"dateUpdated": "2025-04-08T18:47:54.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42357 (GCVE-0-2024-42357)
Vulnerability from cvelistv5 – Published: 2024-08-08 14:55 – Updated: 2024-08-08 18:33
VLAI?
Summary
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable SQL-injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
Severity ?
7.3 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThanOrEqual": "6.6.5.0",
"status": "affected",
"version": "6.6.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.8.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:17:05.467392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T18:33:33.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
},
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable SQL-injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:55:50.674Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-p6w9-r443-r752",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-p6w9-r443-r752"
},
{
"name": "https://github.com/shopware/core/commit/63c05615694790f5790a04ef889f42b764fa53c9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/63c05615694790f5790a04ef889f42b764fa53c9"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/shopware/commit/57ea2f3c59483cf7c0f853e7a0d68c23ded1fe5b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/57ea2f3c59483cf7c0f853e7a0d68c23ded1fe5b"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
}
],
"source": {
"advisory": "GHSA-p6w9-r443-r752",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to blind SQL-injection in DAL aggregations"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42357",
"datePublished": "2024-08-08T14:55:50.674Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-08T18:33:33.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42356 (GCVE-0-2024-42356)
Vulnerability from cvelistv5 – Published: 2024-08-08 14:52 – Updated: 2024-08-09 15:55
VLAI?
Summary
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency information. The context object allows also to switch for a short time the scope of the Context as a helper with a callable function. The function can be called also from Twig and as the second parameter allows any callable, it's possible to call from Twig any statically callable PHP function/method. It's not possible as customer to provide any Twig code, the attacker would require access to Administration to exploit it using Mail templates or using App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin.
Severity ?
8.3 (High)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThanOrEqual": "6.5.8.12",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.5.0",
"status": "affected",
"version": "6.6.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42356",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T15:51:49.931045Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T15:55:33.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency information. The context object allows also to switch for a short time the scope of the Context as a helper with a callable function. The function can be called also from Twig and as the second parameter allows any callable, it\u0027s possible to call from Twig any statically callable PHP function/method. It\u0027s not possible as customer to provide any Twig code, the attacker would require access to Administration to exploit it using Mail templates or using App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:52:53.604Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj"
},
{
"name": "https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
},
{
"name": "https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e"
}
],
"source": {
"advisory": "GHSA-35jp-8cgg-p4wj",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to Server Side Template Injection in Twig using Context functions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42356",
"datePublished": "2024-08-08T14:52:53.604Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-09T15:55:33.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42355 (GCVE-0-2024-42355)
Vulnerability from cvelistv5 – Published: 2024-08-08 14:49 – Updated: 2024-08-08 15:32
VLAI?
Summary
Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
Severity ?
8.3 (High)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "6.5.8.13",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.5.1",
"status": "affected",
"version": "6.6.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:26:25.050210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:32:50.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:49:38.492Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2"
},
{
"name": "https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
}
],
"source": {
"advisory": "GHSA-27wp-jvhw-v4xp",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42355",
"datePublished": "2024-08-08T14:49:38.492Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-08T15:32:50.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42354 (GCVE-0-2024-42354)
Vulnerability from cvelistv5 – Published: 2024-08-08 14:44 – Updated: 2024-08-08 15:24
VLAI?
Summary
Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn't get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
Severity ?
5.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:24:16.776137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:24:38.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn\u0027t get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:44:24.678Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-hhcq-ph6w-494g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-hhcq-ph6w-494g"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
},
{
"name": "https://github.com/shopware/shopware/commit/ad83d38809df457efef21c37ce0996430334bf01",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/ad83d38809df457efef21c37ce0996430334bf01"
}
],
"source": {
"advisory": "GHSA-hhcq-ph6w-494g",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42354",
"datePublished": "2024-08-08T14:44:24.678Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-08T15:24:38.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31447 (GCVE-0-2024-31447)
Vulnerability from cvelistv5 – Published: 2024-04-08 15:39 – Updated: 2024-09-03 18:25
VLAI?
Summary
Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when a authenticated request is made to `POST /store-api/account/logout`, the cart will be cleared, but the User won't be logged out. This affects only the direct store-api usage, as the PHP Storefront listens additionally on `CustomerLogoutEvent` and invalidates the session additionally. The problem has been fixed in Shopware 6.6.1.0 and 6.5.8.8. Those who are unable to update can install the latest version of the Shopware Security Plugin as a workaround.
Severity ?
5.3 (Medium)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:52:56.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7"
},
{
"name": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77"
},
{
"name": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T15:22:21.295783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T18:25:39.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.3.5.0, \u003c 6.5.8.8"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0-rc1, \u003c 6.6.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when a authenticated request is made to `POST /store-api/account/logout`, the cart will be cleared, but the User won\u0027t be logged out. This affects only the direct store-api usage, as the PHP Storefront listens additionally on `CustomerLogoutEvent` and invalidates the session additionally. The problem has been fixed in Shopware 6.6.1.0 and 6.5.8.8. Those who are unable to update can install the latest version of the Shopware Security Plugin as a workaround.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T15:48:24.047Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7"
},
{
"name": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77"
},
{
"name": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3"
}
],
"source": {
"advisory": "GHSA-5297-wrrp-rcj7",
"discovery": "UNKNOWN"
},
"title": "Shopware has Improper Session Handling in store-api"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31447",
"datePublished": "2024-04-08T15:39:29.678Z",
"dateReserved": "2024-04-03T17:55:32.645Z",
"dateUpdated": "2024-09-03T18:25:39.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27917 (GCVE-0-2024-27917)
Vulnerability from cvelistv5 – Published: 2024-03-06 19:36 – Updated: 2024-08-05 20:07
VLAI?
Summary
Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie and assigns it to the Response. Since Shopware 6.5.8.0, the 404 pages are cached to improve the performance of 404 pages. So the cached Response which contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done. When Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used. Shopware version 6.5.8.7 contains a patch for this issue. As a workaround, use Redis for Sessions, as this does not trigger the exploit code.
Severity ?
7.5 (High)
CWE
- CWE-524 - Use of Cache Containing Sensitive Information
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m"
},
{
"name": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3"
},
{
"name": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e"
},
{
"name": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "6.5.8.7",
"status": "affected",
"version": "6.5.8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T20:06:20.280295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T20:07:41.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.5.8.0, \u003c 6.5.8.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie and assigns it to the Response. Since Shopware 6.5.8.0, the 404 pages are cached to improve the performance of 404 pages. So the cached Response which contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done. When Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used. Shopware version 6.5.8.7 contains a patch for this issue. As a workaround, use Redis for Sessions, as this does not trigger the exploit code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524: Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-06T19:36:27.357Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m"
},
{
"name": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3"
},
{
"name": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e"
},
{
"name": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7"
}
],
"source": {
"advisory": "GHSA-c2f9-4jmm-v45m",
"discovery": "UNKNOWN"
},
"title": "Shopware\u0027s session is persistent in Cache for 404 pages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27917",
"datePublished": "2024-03-06T19:36:27.357Z",
"dateReserved": "2024-02-28T15:14:14.213Z",
"dateUpdated": "2024-08-05T20:07:41.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22406 (GCVE-0-2024-22406)
Vulnerability from cvelistv5 – Published: 2024-01-16 22:30 – Updated: 2025-06-02 15:06
VLAI?
Summary
Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this “aggregations” object is vulnerable SQL-injection and can be exploited using time-based SQL-queries. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
Severity ?
9.3 (Critical)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:42:55.187365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T15:06:58.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the \u201caggregations\u201d object. The \u2018name\u2019 field in this \u201caggregations\u201d object is vulnerable SQL-injection and can be exploited using time-based SQL-queries. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T22:30:04.324Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9"
}
],
"source": {
"advisory": "GHSA-qmp9-2xwj-m6m9",
"discovery": "UNKNOWN"
},
"title": "Blind SQL-injection in DAL aggregations in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22406",
"datePublished": "2024-01-16T22:30:04.324Z",
"dateReserved": "2024-01-10T15:09:55.549Z",
"dateUpdated": "2025-06-02T15:06:58.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22407 (GCVE-0-2024-22407)
Vulnerability from cvelistv5 – Published: 2024-01-16 22:29 – Updated: 2024-11-13 19:39
VLAI?
Summary
Shopware is an open headless commerce platform. In the Shopware CMS, the state handler for orders fails to sufficiently verify user authorizations for actions that modify the payment, delivery, and/or order status. Due to this inadequate implementation, users lacking 'write' permissions for orders are still able to change the order state. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-23T16:09:33.514980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T19:39:35.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open headless commerce platform. In the Shopware CMS, the state handler for orders fails to sufficiently verify user authorizations for actions that modify the payment, delivery, and/or order status. Due to this inadequate implementation, users lacking \u0027write\u0027 permissions for orders are still able to change the order state. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T22:29:06.955Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf"
}
],
"source": {
"advisory": "GHSA-3867-jc5c-66qf",
"discovery": "UNKNOWN"
},
"title": "Broken Access Control order API in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22407",
"datePublished": "2024-01-16T22:29:06.955Z",
"dateReserved": "2024-01-10T15:09:55.549Z",
"dateUpdated": "2024-11-13T19:39:35.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22408 (GCVE-0-2024-22408)
Vulnerability from cvelistv5 – Published: 2024-01-16 22:26 – Updated: 2025-06-17 21:19
VLAI?
Summary
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fixed in the Commercial Plugin release 6.5.7.4 or with the Security Plugin. For installations with Shopware 6.4 the Security plugin is recommended to be installed and up to date. For older versions of 6.4 and 6.5 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
Severity ?
7.6 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-17T17:02:17.645575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:19:16.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the \u201ccall webhook\u201d action. This enables malicious users to perform web requests to internal hosts. This issue has been fixed in the Commercial Plugin release 6.5.7.4 or with the Security Plugin. For installations with Shopware 6.4 the Security plugin is recommended to be installed and up to date. For older versions of 6.4 and 6.5 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T22:26:41.447Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw"
}
],
"source": {
"advisory": "GHSA-3535-m8vh-vrmw",
"discovery": "UNKNOWN"
},
"title": "Server-Side Request Forgery (SSRF) in Shopware Flow Builder"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22408",
"datePublished": "2024-01-16T22:26:41.447Z",
"dateReserved": "2024-01-10T15:09:55.549Z",
"dateUpdated": "2025-06-17T21:19:16.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34099 (GCVE-0-2023-34099)
Vulnerability from cvelistv5 – Published: 2023-06-27 16:29 – Updated: 2024-11-07 17:03
VLAI?
Summary
Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability.
Severity ?
5.3 (Medium)
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5"
},
{
"name": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "5.7.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "5.7.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34099",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T17:02:39.760502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T17:03:59.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T16:29:07.220Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5"
},
{
"name": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"source": {
"advisory": "GHSA-gh66-fp7j-98v5",
"discovery": "UNKNOWN"
},
"title": "Improper mail validation in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-34099",
"datePublished": "2023-06-27T16:29:07.220Z",
"dateReserved": "2023-05-25T21:56:51.245Z",
"dateUpdated": "2024-11-07T17:03:59.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34098 (GCVE-0-2023-34098)
Vulnerability from cvelistv5 – Published: 2023-06-27 16:25 – Updated: 2024-11-07 17:05
VLAI?
Summary
Shopware is an open source e-commerce software. Due to an incorrect configuration in the `.htaccess` file, the configuration file of the Javascript could be read in production environments (`themes/package-lock.json`). With this information, the specific Shopware version in a deployment might be determined by an attacker, which could be used for further attacks. Users are advised to update to version 5.7.18. There are no known workarounds for this vulnerability.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9"
},
{
"name": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "5.7.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T17:04:30.262396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T17:05:23.474Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. Due to an incorrect configuration in the `.htaccess` file, the configuration file of the Javascript could be read in production environments (`themes/package-lock.json`). With this information, the specific Shopware version in a deployment might be determined by an attacker, which could be used for further attacks. Users are advised to update to version 5.7.18. There are no known workarounds for this vulnerability.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T16:25:15.157Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9"
},
{
"name": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"source": {
"advisory": "GHSA-q97c-2mh3-pgw9",
"discovery": "UNKNOWN"
},
"title": "Dependency configuration exposed in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-34098",
"datePublished": "2023-06-27T16:25:15.157Z",
"dateReserved": "2023-05-25T21:56:51.245Z",
"dateUpdated": "2024-11-07T17:05:23.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48150 (GCVE-0-2022-48150)
Vulnerability from cvelistv5 – Published: 2023-04-21 00:00 – Updated: 2025-02-05 14:48
VLAI?
Summary
Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI.
Severity ?
6.1 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/sahilop123/-CVE-2022-48150"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T14:48:17.142683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T14:48:21.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-22T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/sahilop123/-CVE-2022-48150"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48150",
"datePublished": "2023-04-21T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-02-05T14:48:21.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2017 (GCVE-0-2023-2017)
Vulnerability from cvelistv5 – Published: 2023-04-17 10:18 – Updated: 2025-02-05 20:46
VLAI?
Summary
Server-side Template Injection (SSTI) in Shopware 6 (<= v6.4.20.0, v6.5.0.0-rc1 <= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\Core\Framework\Adapter\Twig\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when referencing callables. Users are advised to upgrade to v6.4.20.1 to resolve this issue. This is a bypass of CVE-2023-22731.
Severity ?
8.8 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Shopware AG | Shopware 6 |
Affected:
0 , ≤ 6.4.20.0
(semver)
Affected: 6.5.0.0-rc1 , ≤ 6.5.0.0-rc4 (semver) |
Credits
Ngo Wei Lin (@Creastery) of STAR Labs SG Pte. Ltd. (@starlabs_sg)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:12:19.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-04-2023"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-7v2v-9rm4-7m8f"
},
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://starlabs.sg/advisories/23/23-2017/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2017",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T20:46:34.501269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T20:46:43.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Shopware 6",
"vendor": "Shopware AG",
"versions": [
{
"lessThanOrEqual": "6.4.20.0",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.5.0.0-rc4",
"status": "affected",
"version": "6.5.0.0-rc1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Ngo Wei Lin (@Creastery) of STAR Labs SG Pte. Ltd. (@starlabs_sg)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-side Template Injection (SSTI) in Shopware 6 (\u0026lt;= v6.4.20.0, v6.5.0.0-rc1 \u0026lt;= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\\Core\\Framework\\Adapter\\Twig\\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when referencing callables. Users are advised to upgrade to v6.4.20.1 to resolve this issue. This is a bypass of CVE-2023-22731.\u003cbr\u003e"
}
],
"value": "Server-side Template Injection (SSTI) in Shopware 6 (\u003c= v6.4.20.0, v6.5.0.0-rc1 \u003c= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\\Core\\Framework\\Adapter\\Twig\\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when referencing callables. Users are advised to upgrade to v6.4.20.1 to resolve this issue. This is a bypass of CVE-2023-22731.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T06:34:45.957Z",
"orgId": "b1571b85-cbc9-431f-830b-0c8155323a69",
"shortName": "STAR_Labs"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-04-2023"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-7v2v-9rm4-7m8f"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://starlabs.sg/advisories/23/23-2017/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\nUsers are advised to upgrade to v6.4.20.1 to resolve this issue.\n\n\u003cbr\u003e"
}
],
"value": "Users are advised to upgrade to v6.4.20.1 to resolve this issue.\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Improper Control of Generation of Code in Twig Rendered Views in Shopware",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b1571b85-cbc9-431f-830b-0c8155323a69",
"assignerShortName": "STAR_Labs",
"cveId": "CVE-2023-2017",
"datePublished": "2023-04-17T10:18:27.543Z",
"dateReserved": "2023-04-13T04:21:56.530Z",
"dateUpdated": "2025-02-05T20:46:43.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23941 (GCVE-0-2023-23941)
Vulnerability from cvelistv5 – Published: 2023-02-03 20:26 – Updated: 2025-03-10 21:16
VLAI?
Summary
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has been fixed with version 5.4.4. As a workaround, disable the aforementioned payment methods or use the Security Plugin in version >= 1.0.21.
Severity ?
7.5 (High)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| shopware | SwagPayPal |
Affected:
< 5.4.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:49:07.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27"
},
{
"name": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:08.376859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:16:43.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SwagPayPal",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has been fixed with version 5.4.4. As a workaround, disable the aforementioned payment methods or use the Security Plugin in version \u003e= 1.0.21."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T20:26:52.692Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27"
},
{
"name": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08"
}
],
"source": {
"advisory": "GHSA-vxpm-8hcp-qh27",
"discovery": "UNKNOWN"
},
"title": "SwagPayPal payment not sent to PayPal correctly"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-23941",
"datePublished": "2023-02-03T20:26:52.692Z",
"dateReserved": "2023-01-19T21:12:31.361Z",
"dateUpdated": "2025-03-10T21:16:43.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22733 (GCVE-0-2023-22733)
Vulnerability from cvelistv5 – Published: 2023-01-17 21:37 – Updated: 2025-03-10 21:21
VLAI?
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in version 6.4.18.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. Users unable to upgrade may remove from all users the log module ACL rights or disable logging.
Severity ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f"
},
{
"name": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07"
},
{
"name": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:45.523271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:21:56.020Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in version 6.4.18.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. Users unable to upgrade may remove from all users the log module ACL rights or disable logging."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:37:43.906Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f"
},
{
"name": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07"
},
{
"name": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging",
"tags": [
"x_refsource_MISC"
],
"url": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-7cp7-jfp6-jh4f",
"discovery": "UNKNOWN"
},
"title": "Improper Output Neutralization in Log Module in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22733",
"datePublished": "2023-01-17T21:37:43.906Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:21:56.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22732 (GCVE-0-2023-22732)
Vulnerability from cvelistv5 – Published: 2023-01-17 21:34 – Updated: 2025-03-10 21:22
VLAI?
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administration session has been added. As a result the user will be logged out when they are inactive. Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f"
},
{
"name": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:48.235198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:02.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administration session has been added. As a result the user will be logged out when they are inactive. Users are advised to upgrade. There are no known workarounds for this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:34:26.912Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f"
},
{
"name": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-59qg-93jg-236f",
"discovery": "UNKNOWN"
},
"title": "Insufficient Session Expiration in Administration in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22732",
"datePublished": "2023-01-17T21:34:26.912Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:02.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22731 (GCVE-0-2023-22731)
Vulnerability from cvelistv5 – Published: 2023-01-17 21:31 – Updated: 2025-03-10 21:22
VLAI?
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.
Severity ?
10 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w"
},
{
"name": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:58:32.609464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:08.214Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:31:45.875Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w"
},
{
"name": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-93cw-f5jj-x85w",
"discovery": "UNKNOWN"
},
"title": "Improper Control of Generation of Code in Twig rendered views in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22731",
"datePublished": "2023-01-17T21:31:45.875Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:08.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22730 (GCVE-0-2023-22730)
Vulnerability from cvelistv5 – Published: 2023-01-17 21:27 – Updated: 2025-03-10 21:22
VLAI?
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item's individuality and the user was able to bypass quantity limits in sales. This problem has been fixed with version 6.4.18.1. Users on major versions 6.1, 6.2, and 6.3 may also obtain this fix via a plugin.
Severity ?
5.3 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg"
},
{
"name": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22730",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:33.924013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:13.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item\u0027s individuality and the user was able to bypass quantity limits in sales. This problem has been fixed with version 6.4.18.1. Users on major versions 6.1, 6.2, and 6.3 may also obtain this fix via a plugin. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:27:50.656Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg"
},
{
"name": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-8r6h-m72v-38fg",
"discovery": "UNKNOWN"
},
"title": "Improper Input Validation of Clearance sale in cart"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22730",
"datePublished": "2023-01-17T21:27:50.656Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:13.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22734 (GCVE-0-2023-22734)
Vulnerability from cvelistv5 – Published: 2023-01-17 21:21 – Updated: 2025-03-10 21:22
VLAI?
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The newsletter double opt-in validation was not checked properly, and it was possible to skip the complete double opt in process. As a result operators may have inconsistencies in their newsletter systems. This problem has been fixed with version 6.4.18.1. Users are advised to upgrade. Users unable to upgrade may find security measures are available via a plugin for major versions 6.1, 6.2, and 6.3. Users may also disable newsletter registration completely.
Severity ?
4.3 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2"
},
{
"name": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:51.298480Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:21.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. The newsletter double opt-in validation was not checked properly, and it was possible to skip the complete double opt in process. As a result operators may have inconsistencies in their newsletter systems. This problem has been fixed with version 6.4.18.1. Users are advised to upgrade. Users unable to upgrade may find security measures are available via a plugin for major versions 6.1, 6.2, and 6.3. Users may also disable newsletter registration completely.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:21:23.973Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2"
},
{
"name": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-46h7-vj7x-fxg2",
"discovery": "UNKNOWN"
},
"title": "Improper Input Newsletter subscription option validation in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22734",
"datePublished": "2023-01-17T21:21:23.973Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:21.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36102 (GCVE-0-2022-36102)
Vulnerability from cvelistv5 – Published: 2022-09-12 20:00 – Updated: 2025-04-23 17:12
VLAI?
Summary
Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version (5.7.15). Users can get the update via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.
Severity ?
6.3 (Medium)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:52:00.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36102",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:01:00.343374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:12:08.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version (5.7.15). Users can get the update via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:00:24.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6"
}
],
"source": {
"advisory": "GHSA-qc43-pgwq-3q2q",
"discovery": "UNKNOWN"
},
"title": "Acess control list bypassed via crafted specific URLs",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36102",
"STATE": "PUBLIC",
"TITLE": "Acess control list bypassed via crafted specific URLs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003c 5.7.15"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version (5.7.15). Users can get the update via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-281: Improper Preservation of Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packagist.org/packages/shopware/shopware",
"refsource": "MISC",
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q"
},
{
"name": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6"
}
]
},
"source": {
"advisory": "GHSA-qc43-pgwq-3q2q",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-36102",
"datePublished": "2022-09-12T20:00:24.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:12:08.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36101 (GCVE-0-2022-36101)
Vulnerability from cvelistv5 – Published: 2022-09-12 20:00 – Updated: 2025-04-23 17:12
VLAI?
Summary
Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update and may get the update either via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.
Severity ?
5.4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:52:00.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:01:02.994061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:12:13.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update and may get the update either via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:00:16.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
}
],
"source": {
"advisory": "GHSA-6vfq-jmxg-g58r",
"discovery": "UNKNOWN"
},
"title": "Sensitive data in backend customer module",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36101",
"STATE": "PUBLIC",
"TITLE": "Sensitive data in backend customer module"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003c 5.7.15"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update and may get the update either via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packagist.org/packages/shopware/shopware",
"refsource": "MISC",
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"name": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
}
]
},
"source": {
"advisory": "GHSA-6vfq-jmxg-g58r",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-36101",
"datePublished": "2022-09-12T20:00:16.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:12:13.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31148 (GCVE-0-2022-31148)
Vulnerability from cvelistv5 – Published: 2022-08-01 17:10 – Updated: 2025-04-23 17:56
VLAI?
Summary
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:03:05.582278Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:56:53.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.7.0, \u003c 5.7.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T17:10:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022"
}
],
"source": {
"advisory": "GHSA-5834-xv5q-cgfw",
"discovery": "UNKNOWN"
},
"title": "Persistent cross site scripting in customer module in Shopware",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31148",
"STATE": "PUBLIC",
"TITLE": "Persistent cross site scripting in customer module in Shopware"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.7.0, \u003c 5.7.14"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw"
},
{
"name": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022"
}
]
},
"source": {
"advisory": "GHSA-5834-xv5q-cgfw",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31148",
"datePublished": "2022-08-01T17:10:12.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:56:53.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31057 (GCVE-0-2022-31057)
Vulnerability from cvelistv5 – Published: 2022-06-27 19:30 – Updated: 2025-04-23 18:07
VLAI?
Summary
Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q754-vwc4-p6qj"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/3e025a0a3e123f4108082645b1ced6fb548f7b6f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/shopware/shopware"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31057",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:04:38.267788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:07:50.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-27T19:30:26.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q754-vwc4-p6qj"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/3e025a0a3e123f4108082645b1ced6fb548f7b6f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/shopware/shopware"
}
],
"source": {
"advisory": "GHSA-q754-vwc4-p6qj",
"discovery": "UNKNOWN"
},
"title": "Authenticated Stored XSS in Shopware Administration",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31057",
"STATE": "PUBLIC",
"TITLE": "Authenticated Stored XSS in Shopware Administration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003c 5.7.12"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-q754-vwc4-p6qj",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q754-vwc4-p6qj"
},
{
"name": "https://github.com/shopware/shopware/commit/3e025a0a3e123f4108082645b1ced6fb548f7b6f",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/3e025a0a3e123f4108082645b1ced6fb548f7b6f"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022"
},
{
"name": "https://packagist.org/packages/shopware/shopware",
"refsource": "MISC",
"url": "https://packagist.org/packages/shopware/shopware"
}
]
},
"source": {
"advisory": "GHSA-q754-vwc4-p6qj",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31057",
"datePublished": "2022-06-27T19:30:26.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:07:50.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}