Refine your search
56 vulnerabilities found for by Shopware
CVE-2026-32142 (GCVE-0-2026-32142)
Vulnerability from cvelistv5
Published
2026-03-12 18:17
Modified
2026-03-13 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Shopware is an open commerce platform. /api/_info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| shopware | commercial |
Version: >= 7.0.0, < 7.8.1 Version: < 6.10.15 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32142",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T16:18:23.948323Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T16:18:35.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "commercial",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.10.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. /api/_info/config route exposes information about licenses. This vulnerability is fixed in 7.8.1 and 6.10.15."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T18:17:35.939Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-gvmv-9f74-mhwp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-gvmv-9f74-mhwp"
}
],
"source": {
"advisory": "GHSA-gvmv-9f74-mhwp",
"discovery": "UNKNOWN"
},
"title": "shopware/commercial: `/api/_info/config` route exposes information about licenses"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-32142",
"datePublished": "2026-03-12T18:17:35.939Z",
"dateReserved": "2026-03-10T22:19:36.547Z",
"dateUpdated": "2026-03-13T16:18:35.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-31889 (GCVE-0-2026-31889)
Vulnerability from cvelistv5
Published
2026-03-11 18:56
Modified
2026-03-12 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based authentication without sufficiently binding a shop installation to its original domain. During re‑registration, the shop-url could be updated without proving control over the previously registered shop or domain. This made targeted hijacking of app communication feasible if an attacker possessed the relevant app‑side secret. By abusing app re‑registration, an attacker could redirect app traffic to an attacker‑controlled domain and potentially obtain API credentials intended for the legitimate shop. This vulnerability is fixed in 6.6.10.15 and 6.7.8.1.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-31889",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T20:04:03.569165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:04:11.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "core",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.6.10.15"
}
]
},
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.6.10.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC\u2011based authentication without sufficiently binding a shop installation to its original domain. During re\u2011registration, the shop-url could be updated without proving control over the previously registered shop or domain. This made targeted hijacking of app communication feasible if an attacker possessed the relevant app\u2011side secret. By abusing app re\u2011registration, an attacker could redirect app traffic to an attacker\u2011controlled domain and potentially obtain API credentials intended for the legitimate shop. This vulnerability is fixed in 6.6.10.15 and 6.7.8.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290: Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T18:56:23.171Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-c4p7-rwrg-pf6p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-c4p7-rwrg-pf6p"
}
],
"source": {
"advisory": "GHSA-c4p7-rwrg-pf6p",
"discovery": "UNKNOWN"
},
"title": "Shopware has a potential take over of app credentials"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-31889",
"datePublished": "2026-03-11T18:56:23.171Z",
"dateReserved": "2026-03-09T21:59:02.687Z",
"dateUpdated": "2026-03-12T20:04:11.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-31888 (GCVE-0-2026-31888)
Vulnerability from cvelistv5
Published
2026-03-11 18:53
Modified
2026-03-12 20:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-204 - Observable Response Discrepancy
Summary
Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, the Store API login endpoint (POST /store-api/account/login) returns different error codes depending on whether the submitted email address belongs to a registered customer (CHECKOUT__CUSTOMER_AUTH_BAD_CREDENTIALS) or is unknown (CHECKOUT__CUSTOMER_NOT_FOUND). The "not found" response also echoes the probed email address. This allows an unauthenticated attacker to enumerate valid customer accounts. The storefront login controller correctly unifies both error paths, but the Store API does not — indicating an inconsistent defense. This vulnerability is fixed in 6.7.8.1 and 6.6.10.15.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-31888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T20:02:39.331863Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:02:47.581Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "core",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.6.10.15"
}
]
},
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.6.10.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, the Store API login endpoint (POST /store-api/account/login) returns different error codes depending on whether the submitted email address belongs to a registered customer (CHECKOUT__CUSTOMER_AUTH_BAD_CREDENTIALS) or is unknown (CHECKOUT__CUSTOMER_NOT_FOUND). The \"not found\" response also echoes the probed email address. This allows an unauthenticated attacker to enumerate valid customer accounts. The storefront login controller correctly unifies both error paths, but the Store API does not \u2014 indicating an inconsistent defense. This vulnerability is fixed in 6.7.8.1 and 6.6.10.15."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T18:53:03.018Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-gqc5-xv7m-gcjq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-gqc5-xv7m-gcjq"
}
],
"source": {
"advisory": "GHSA-gqc5-xv7m-gcjq",
"discovery": "UNKNOWN"
},
"title": "Shopware has user enumeration via distinct error codes on Store API login endpoint"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-31888",
"datePublished": "2026-03-11T18:53:03.018Z",
"dateReserved": "2026-03-09T21:59:02.687Z",
"dateUpdated": "2026-03-12T20:02:47.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-31887 (GCVE-0-2026-31887)
Vulnerability from cvelistv5
Published
2026-03-11 18:49
Modified
2026-03-12 20:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, an insufficient check on the filter types for unauthenticated customers allows access to orders of other customers. This is part of the deepLinkCode support on the store-api.order endpoint. This vulnerability is fixed in 6.7.8.1 and 6.6.10.15.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-31887",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-12T20:02:07.674304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-12T20:02:14.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "core",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.6.10.15"
}
]
},
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.8.1"
},
{
"status": "affected",
"version": "\u003c 6.6.10.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, an insufficient check on the filter types for unauthenticated customers allows access to orders of other customers. This is part of the deepLinkCode support on the store-api.order endpoint. This vulnerability is fixed in 6.7.8.1 and 6.6.10.15."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T18:49:46.294Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-7vvp-j573-5584",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-7vvp-j573-5584"
}
],
"source": {
"advisory": "GHSA-7vvp-j573-5584",
"discovery": "UNKNOWN"
},
"title": "Shopware unauthenticated data extraction possible through store-api.order endpoint"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-31887",
"datePublished": "2026-03-11T18:49:46.294Z",
"dateReserved": "2026-03-09T21:59:02.687Z",
"dateUpdated": "2026-03-12T20:02:14.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23498 (GCVE-0-2026-23498)
Vulnerability from cvelistv5
Published
2026-01-14 18:31
Modified
2026-01-14 21:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to an array and array crafted PHP Closure not checked being against allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1.
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23498",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T21:15:49.007384Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T21:15:57.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to an array and array crafted PHP Closure not checked being against allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T18:31:19.070Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-7cw6-7h3h-v8pf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-7cw6-7h3h-v8pf"
},
{
"name": "https://github.com/shopware/shopware/commit/3966b05590e29432b8485ba47b4fcd14dd0b8475",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/3966b05590e29432b8485ba47b4fcd14dd0b8475"
}
],
"source": {
"advisory": "GHSA-7cw6-7h3h-v8pf",
"discovery": "UNKNOWN"
},
"title": "Shopware Improper Control of Generation of Code in Twig rendered views"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-23498",
"datePublished": "2026-01-14T18:31:19.070Z",
"dateReserved": "2026-01-13T15:47:41.629Z",
"dateUpdated": "2026-01-14T21:15:57.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-67648 (GCVE-0-2025-67648)
Vulnerability from cvelistv5
Published
2025-12-10 23:55
Modified
2025-12-11 19:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Shopware is an open commerce platform. Versions 6.4.6.0 through 6.6.10.9 and 6.7.0.0 through 6.7.5.0 have a Reflected XSS vulnerability in AuthController.php. A request parameter from the login page URL is directly rendered within the Twig template of the Storefront login page without further processing or input validation. This allows direct code injection into the template via the URL parameter, waitTime, which lacks proper input validation. This issue is fixed in versions 6.6.10.10 and 6.7.5.1.
References
| URL | Tags | |
|---|---|---|
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T18:59:56.527334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T19:00:14.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.4.6.0, \u003c 6.6.10.10"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0, \u003c 6.7.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Versions 6.4.6.0 through 6.6.10.9 and 6.7.0.0 through 6.7.5.0 have a Reflected XSS vulnerability in AuthController.php. A request parameter from the login page URL is directly rendered within the Twig template of the Storefront login page without further processing or input validation. This allows direct code injection into the template via the URL parameter, waitTime, which lacks proper input validation. This issue is fixed in versions 6.6.10.10 and 6.7.5.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T23:55:10.060Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-6w82-v552-wjw2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6w82-v552-wjw2"
},
{
"name": "https://github.com/shopware/shopware/commit/c9242c02c84595d9fa3e2adf6a264bc90a657b58",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/c9242c02c84595d9fa3e2adf6a264bc90a657b58"
}
],
"source": {
"advisory": "GHSA-6w82-v552-wjw2",
"discovery": "UNKNOWN"
},
"title": "Shopware\u0027s inproper input validation can lead to Reflected XSS through Storefront Login Page"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-67648",
"datePublished": "2025-12-10T23:55:10.060Z",
"dateReserved": "2025-12-09T18:36:41.331Z",
"dateUpdated": "2025-12-11T19:00:14.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7954 (GCVE-0-2025-7954)
Vulnerability from cvelistv5
Published
2025-08-06 07:16
Modified
2025-11-03 20:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Summary
A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7954",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T14:38:04.938690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T14:38:24.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/shopware/shopware/issues/11245"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:07:42.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Aug/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Shopware",
"vendor": "Shopware",
"versions": [
{
"status": "affected",
"version": "6.6.x"
},
{
"status": "affected",
"version": "6.7.x"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The attacker needs a one-time use voucher code."
}
],
"value": "The attacker needs a one-time use voucher code."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Timo M\u00fcller"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA race condition vulnerability has been identified in Shopware\u0027s voucher system of Shopware\u0026nbsp;v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.\u003c/span\u003e\n\n\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "A race condition vulnerability has been identified in Shopware\u0027s voucher system of Shopware\u00a0v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations."
}
],
"impacts": [
{
"capecId": "CAPEC-29",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-06T07:22:17.134Z",
"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"shortName": "SEC-VLab"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/shopware/shopware/issues/11245"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Race Condition in Shopware Voucher Submission",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not use one-time voucher codes until issue is fixed."
}
],
"value": "Do not use one-time voucher codes until issue is fixed."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"assignerShortName": "SEC-VLab",
"cveId": "CVE-2025-7954",
"datePublished": "2025-08-06T07:16:09.712Z",
"dateReserved": "2025-07-21T10:26:59.855Z",
"dateUpdated": "2025-11-03T20:07:42.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32378 (GCVE-0-2025-32378)
Vulnerability from cvelistv5
Published
2025-04-09 15:37
Modified
2025-04-09 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-799 - Improper Control of Interaction Frequency
Summary
Shopware is an open source e-commerce software platform. Prior to 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-in for registered customers set to disabled, and Log-in & sign-up: Double opt-in on sign-up set to disabled. With these settings, anyone can register an account on the shop using any e-mail-address and then check the check-box in the account page to sign up for the newsletter. The recipient will receive two mails confirming registering and signing up for the newsletter, no confirmation link needed to be clicked for either. In the backend the recipient is set to “instantly active”. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T17:32:57.312691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:46:25.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.8.17"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c 6.6.10.3"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0-rc1, \u003c 6.7.0.0-rc2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software platform. Prior to 6.6.10.3 or 6.5.8.17, the default settings for double-opt-in allow for mass unsolicited newsletter sign-ups without confirmation. Default settings are Newsletter: Double Opt-in set to active, Newsletter: Double opt-in for registered customers set to disabled, and Log-in \u0026 sign-up: Double opt-in on sign-up set to disabled. With these settings, anyone can register an account on the shop using any e-mail-address and then check the check-box in the account page to sign up for the newsletter. The recipient will receive two mails confirming registering and signing up for the newsletter, no confirmation link needed to be clicked for either. In the backend the recipient is set to \u201cinstantly active\u201d. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "CWE-799: Improper Control of Interaction Frequency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T15:37:44.010Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-4h9w-7vfp-px8m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-4h9w-7vfp-px8m"
}
],
"source": {
"advisory": "GHSA-4h9w-7vfp-px8m",
"discovery": "UNKNOWN"
},
"title": "Shopware\u0027s default newsletter opt-in settings allow for mass sign-up abuse"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32378",
"datePublished": "2025-04-09T15:37:44.010Z",
"dateReserved": "2025-04-06T19:46:02.461Z",
"dateUpdated": "2025-04-09T20:46:25.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30150 (GCVE-0-2025-30150)
Vulnerability from cvelistv5
Published
2025-04-08 13:46
Modified
2025-04-08 18:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-204 - Observable Response Discrepancy
Summary
Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates clearly that there is no account for this customer. In contrast you get a success response if the account was found. This vulnerability is fixed in Shopware 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T18:45:06.362334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:46:21.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.8.17"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c 6.6.10.3"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0-rc1, \u003c 6.7.0.0-rc2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the store-api it is possible as a attacker to check if a specific e-mail address has an account in the shop. Using the store-api endpoint /store-api/account/recovery-password you get the response, which indicates clearly that there is no account for this customer. In contrast you get a success response if the account was found. This vulnerability is fixed in Shopware 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T13:46:44.823Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-hh7j-6x3q-f52h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-hh7j-6x3q-f52h"
}
],
"source": {
"advisory": "GHSA-hh7j-6x3q-f52h",
"discovery": "UNKNOWN"
},
"title": "Shopware 6 allows attackers to check for registered accounts through the store-api"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-30150",
"datePublished": "2025-04-08T13:46:44.823Z",
"dateReserved": "2025-03-17T12:41:42.565Z",
"dateUpdated": "2025-04-08T18:46:21.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30151 (GCVE-0-2025-30151)
Vulnerability from cvelistv5
Published
2025-04-08 13:46
Modified
2025-04-08 18:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T18:47:17.395503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T18:47:54.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.8.17"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c 6.6.10.3"
},
{
"status": "affected",
"version": "\u003e= 6.7.0.0-rc1, \u003c 6.7.0.0-rc2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. It\u0027s possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T13:46:30.629Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-cgfj-hj93-rmh2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-cgfj-hj93-rmh2"
}
],
"source": {
"advisory": "GHSA-cgfj-hj93-rmh2",
"discovery": "UNKNOWN"
},
"title": "Shopware allows Denial Of Service via password length"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-30151",
"datePublished": "2025-04-08T13:46:30.629Z",
"dateReserved": "2025-03-17T12:41:42.565Z",
"dateUpdated": "2025-04-08T18:47:54.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42357 (GCVE-0-2024-42357)
Vulnerability from cvelistv5
Published
2024-08-08 14:55
Modified
2024-08-08 18:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable SQL-injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
References
| URL | Tags | |
|---|---|---|
|
|
||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThanOrEqual": "6.6.5.0",
"status": "affected",
"version": "6.6.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.8.12",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42357",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:17:05.467392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T18:33:33.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
},
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable SQL-injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:55:50.674Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-p6w9-r443-r752",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-p6w9-r443-r752"
},
{
"name": "https://github.com/shopware/core/commit/63c05615694790f5790a04ef889f42b764fa53c9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/63c05615694790f5790a04ef889f42b764fa53c9"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/shopware/commit/57ea2f3c59483cf7c0f853e7a0d68c23ded1fe5b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/57ea2f3c59483cf7c0f853e7a0d68c23ded1fe5b"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
}
],
"source": {
"advisory": "GHSA-p6w9-r443-r752",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to blind SQL-injection in DAL aggregations"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42357",
"datePublished": "2024-08-08T14:55:50.674Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-08T18:33:33.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42356 (GCVE-0-2024-42356)
Vulnerability from cvelistv5
Published
2024-08-08 14:52
Modified
2024-08-09 15:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Summary
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency information. The context object allows also to switch for a short time the scope of the Context as a helper with a callable function. The function can be called also from Twig and as the second parameter allows any callable, it's possible to call from Twig any statically callable PHP function/method. It's not possible as customer to provide any Twig code, the attacker would require access to Administration to exploit it using Mail templates or using App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin.
References
| URL | Tags | |
|---|---|---|
|
|
||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThanOrEqual": "6.5.8.12",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.6.5.0",
"status": "affected",
"version": "6.6.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42356",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T15:51:49.931045Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T15:55:33.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency information. The context object allows also to switch for a short time the scope of the Context as a helper with a callable function. The function can be called also from Twig and as the second parameter allows any callable, it\u0027s possible to call from Twig any statically callable PHP function/method. It\u0027s not possible as customer to provide any Twig code, the attacker would require access to Administration to exploit it using Mail templates or using App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:52:53.604Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj"
},
{
"name": "https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
},
{
"name": "https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e"
}
],
"source": {
"advisory": "GHSA-35jp-8cgg-p4wj",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to Server Side Template Injection in Twig using Context functions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42356",
"datePublished": "2024-08-08T14:52:53.604Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-09T15:55:33.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42355 (GCVE-0-2024-42355)
Vulnerability from cvelistv5
Published
2024-08-08 14:49
Modified
2024-08-08 15:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Summary
Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
References
| URL | Tags | |
|---|---|---|
|
|
||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "6.5.8.13",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.6.5.1",
"status": "affected",
"version": "6.6.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:26:25.050210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:32:50.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:49:38.492Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2"
},
{
"name": "https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
}
],
"source": {
"advisory": "GHSA-27wp-jvhw-v4xp",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42355",
"datePublished": "2024-08-08T14:49:38.492Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-08T15:32:50.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-42354 (GCVE-0-2024-42354)
Vulnerability from cvelistv5
Published
2024-08-08 14:44
Modified
2024-08-08 15:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn't get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
References
| URL | Tags | |
|---|---|---|
|
|
||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:24:16.776137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:24:38.347Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c= 6.5.8.12"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0, \u003c= 6.6.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn\u0027t get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T14:44:24.678Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-hhcq-ph6w-494g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-hhcq-ph6w-494g"
},
{
"name": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f"
},
{
"name": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2"
},
{
"name": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac"
},
{
"name": "https://github.com/shopware/shopware/commit/ad83d38809df457efef21c37ce0996430334bf01",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/ad83d38809df457efef21c37ce0996430334bf01"
}
],
"source": {
"advisory": "GHSA-hhcq-ph6w-494g",
"discovery": "UNKNOWN"
},
"title": "Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-42354",
"datePublished": "2024-08-08T14:44:24.678Z",
"dateReserved": "2024-07-30T14:01:33.922Z",
"dateUpdated": "2024-08-08T15:24:38.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31447 (GCVE-0-2024-31447)
Vulnerability from cvelistv5
Published
2024-04-08 15:39
Modified
2024-09-03 18:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when a authenticated request is made to `POST /store-api/account/logout`, the cart will be cleared, but the User won't be logged out. This affects only the direct store-api usage, as the PHP Storefront listens additionally on `CustomerLogoutEvent` and invalidates the session additionally. The problem has been fixed in Shopware 6.6.1.0 and 6.5.8.8. Those who are unable to update can install the latest version of the Shopware Security Plugin as a workaround.
References
| URL | Tags | |
|---|---|---|
|
|
||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:52:56.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7"
},
{
"name": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77"
},
{
"name": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T15:22:21.295783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T18:25:39.752Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.3.5.0, \u003c 6.5.8.8"
},
{
"status": "affected",
"version": "\u003e= 6.6.0.0-rc1, \u003c 6.6.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when a authenticated request is made to `POST /store-api/account/logout`, the cart will be cleared, but the User won\u0027t be logged out. This affects only the direct store-api usage, as the PHP Storefront listens additionally on `CustomerLogoutEvent` and invalidates the session additionally. The problem has been fixed in Shopware 6.6.1.0 and 6.5.8.8. Those who are unable to update can install the latest version of the Shopware Security Plugin as a workaround.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T15:48:24.047Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5297-wrrp-rcj7"
},
{
"name": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/5cc84ddd817ad0c1d07f9b3c79ab346d50514a77"
},
{
"name": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/d29775aa758f70d08e0c5999795c7c26d230e7d3"
}
],
"source": {
"advisory": "GHSA-5297-wrrp-rcj7",
"discovery": "UNKNOWN"
},
"title": "Shopware has Improper Session Handling in store-api"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31447",
"datePublished": "2024-04-08T15:39:29.678Z",
"dateReserved": "2024-04-03T17:55:32.645Z",
"dateUpdated": "2024-09-03T18:25:39.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27917 (GCVE-0-2024-27917)
Vulnerability from cvelistv5
Published
2024-03-06 19:36
Modified
2024-08-05 20:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-524 - Use of Cache Containing Sensitive Information
Summary
Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie and assigns it to the Response. Since Shopware 6.5.8.0, the 404 pages are cached to improve the performance of 404 pages. So the cached Response which contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done. When Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used. Shopware version 6.5.8.7 contains a patch for this issue. As a workaround, use Redis for Sessions, as this does not trigger the exploit code.
References
| URL | Tags | |
|---|---|---|
|
|
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:41:55.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m"
},
{
"name": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3"
},
{
"name": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e"
},
{
"name": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "6.5.8.7",
"status": "affected",
"version": "6.5.8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T20:06:20.280295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T20:07:41.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.5.8.0, \u003c 6.5.8.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open commerce platform based on Symfony Framework and Vue. The Symfony Session Handler pops the Session Cookie and assigns it to the Response. Since Shopware 6.5.8.0, the 404 pages are cached to improve the performance of 404 pages. So the cached Response which contains a Session Cookie when the Browser accessing the 404 page, has no cookies yet. The Symfony Session Handler is in use, when no explicit Session configuration has been done. When Redis is in use for Sessions using the PHP Redis extension, this exploiting code is not used. Shopware version 6.5.8.7 contains a patch for this issue. As a workaround, use Redis for Sessions, as this does not trigger the exploit code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524: Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-06T19:36:27.357Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-c2f9-4jmm-v45m"
},
{
"name": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/7d9cb03225efca5f97e69b800d8747598dd15ce3"
},
{
"name": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/storefront/commit/3477e4a425d3c54b4bfae82d703fe3838dc21d3e"
},
{
"name": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/releases/tag/v6.5.8.7"
}
],
"source": {
"advisory": "GHSA-c2f9-4jmm-v45m",
"discovery": "UNKNOWN"
},
"title": "Shopware\u0027s session is persistent in Cache for 404 pages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27917",
"datePublished": "2024-03-06T19:36:27.357Z",
"dateReserved": "2024-02-28T15:14:14.213Z",
"dateUpdated": "2024-08-05T20:07:41.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22406 (GCVE-0-2024-22406)
Vulnerability from cvelistv5
Published
2024-01-16 22:30
Modified
2025-06-02 15:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this “aggregations” object is vulnerable SQL-injection and can be exploited using time-based SQL-queries. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:42:55.187365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T15:06:58.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open headless commerce platform. The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the \u201caggregations\u201d object. The \u2018name\u2019 field in this \u201caggregations\u201d object is vulnerable SQL-injection and can be exploited using time-based SQL-queries. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T22:30:04.324Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qmp9-2xwj-m6m9"
}
],
"source": {
"advisory": "GHSA-qmp9-2xwj-m6m9",
"discovery": "UNKNOWN"
},
"title": "Blind SQL-injection in DAL aggregations in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22406",
"datePublished": "2024-01-16T22:30:04.324Z",
"dateReserved": "2024-01-10T15:09:55.549Z",
"dateUpdated": "2025-06-02T15:06:58.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22407 (GCVE-0-2024-22407)
Vulnerability from cvelistv5
Published
2024-01-16 22:29
Modified
2024-11-13 19:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
Shopware is an open headless commerce platform. In the Shopware CMS, the state handler for orders fails to sufficiently verify user authorizations for actions that modify the payment, delivery, and/or order status. Due to this inadequate implementation, users lacking 'write' permissions for orders are still able to change the order state. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-23T16:09:33.514980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T19:39:35.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open headless commerce platform. In the Shopware CMS, the state handler for orders fails to sufficiently verify user authorizations for actions that modify the payment, delivery, and/or order status. Due to this inadequate implementation, users lacking \u0027write\u0027 permissions for orders are still able to change the order state. This issue has been addressed and users are advised to update to Shopware 6.5.7.4. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T22:29:06.955Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3867-jc5c-66qf"
}
],
"source": {
"advisory": "GHSA-3867-jc5c-66qf",
"discovery": "UNKNOWN"
},
"title": "Broken Access Control order API in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22407",
"datePublished": "2024-01-16T22:29:06.955Z",
"dateReserved": "2024-01-10T15:09:55.549Z",
"dateUpdated": "2024-11-13T19:39:35.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22408 (GCVE-0-2024-22408)
Vulnerability from cvelistv5
Published
2024-01-16 22:26
Modified
2025-06-17 21:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Summary
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fixed in the Commercial Plugin release 6.5.7.4 or with the Security Plugin. For installations with Shopware 6.4 the Security plugin is recommended to be installed and up to date. For older versions of 6.4 and 6.5 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-17T17:02:17.645575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:19:16.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.5.7.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the \u201ccall webhook\u201d action. This enables malicious users to perform web requests to internal hosts. This issue has been fixed in the Commercial Plugin release 6.5.7.4 or with the Security Plugin. For installations with Shopware 6.4 the Security plugin is recommended to be installed and up to date. For older versions of 6.4 and 6.5 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T22:26:41.447Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-3535-m8vh-vrmw"
}
],
"source": {
"advisory": "GHSA-3535-m8vh-vrmw",
"discovery": "UNKNOWN"
},
"title": "Server-Side Request Forgery (SSRF) in Shopware Flow Builder"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22408",
"datePublished": "2024-01-16T22:26:41.447Z",
"dateReserved": "2024-01-10T15:09:55.549Z",
"dateUpdated": "2025-06-17T21:19:16.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34099 (GCVE-0-2023-34099)
Vulnerability from cvelistv5
Published
2023-06-27 16:29
Modified
2024-11-07 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5"
},
{
"name": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "5.7.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "5.7.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34099",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T17:02:39.760502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T17:03:59.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T16:29:07.220Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5"
},
{
"name": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"source": {
"advisory": "GHSA-gh66-fp7j-98v5",
"discovery": "UNKNOWN"
},
"title": "Improper mail validation in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-34099",
"datePublished": "2023-06-27T16:29:07.220Z",
"dateReserved": "2023-05-25T21:56:51.245Z",
"dateUpdated": "2024-11-07T17:03:59.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34098 (GCVE-0-2023-34098)
Vulnerability from cvelistv5
Published
2023-06-27 16:25
Modified
2024-11-07 17:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Shopware is an open source e-commerce software. Due to an incorrect configuration in the `.htaccess` file, the configuration file of the Javascript could be read in production environments (`themes/package-lock.json`). With this information, the specific Shopware version in a deployment might be determined by an attacker, which could be used for further attacks. Users are advised to update to version 5.7.18. There are no known workarounds for this vulnerability.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9"
},
{
"name": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"lessThan": "5.7.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T17:04:30.262396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T17:05:23.474Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. Due to an incorrect configuration in the `.htaccess` file, the configuration file of the Javascript could be read in production environments (`themes/package-lock.json`). With this information, the specific Shopware version in a deployment might be determined by an attacker, which could be used for further attacks. Users are advised to update to version 5.7.18. There are no known workarounds for this vulnerability.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T16:25:15.157Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9"
},
{
"name": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023"
},
{
"name": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18"
}
],
"source": {
"advisory": "GHSA-q97c-2mh3-pgw9",
"discovery": "UNKNOWN"
},
"title": "Dependency configuration exposed in Shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-34098",
"datePublished": "2023-06-27T16:25:15.157Z",
"dateReserved": "2023-05-25T21:56:51.245Z",
"dateUpdated": "2024-11-07T17:05:23.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23941 (GCVE-0-2023-23941)
Vulnerability from cvelistv5
Published
2023-02-03 20:26
Modified
2025-03-10 21:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Summary
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has been fixed with version 5.4.4. As a workaround, disable the aforementioned payment methods or use the Security Plugin in version >= 1.0.21.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| shopware | SwagPayPal |
Version: < 5.4.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:49:07.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27"
},
{
"name": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23941",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:08.376859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:16:43.990Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SwagPayPal",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has been fixed with version 5.4.4. As a workaround, disable the aforementioned payment methods or use the Security Plugin in version \u003e= 1.0.21."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T20:26:52.692Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27"
},
{
"name": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08"
}
],
"source": {
"advisory": "GHSA-vxpm-8hcp-qh27",
"discovery": "UNKNOWN"
},
"title": "SwagPayPal payment not sent to PayPal correctly"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-23941",
"datePublished": "2023-02-03T20:26:52.692Z",
"dateReserved": "2023-01-19T21:12:31.361Z",
"dateUpdated": "2025-03-10T21:16:43.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22733 (GCVE-0-2023-22733)
Vulnerability from cvelistv5
Published
2023-01-17 21:37
Modified
2025-03-10 21:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in version 6.4.18.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. Users unable to upgrade may remove from all users the log module ACL rights or disable logging.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f"
},
{
"name": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07"
},
{
"name": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:45.523271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:21:56.020Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in version 6.4.18.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. Users unable to upgrade may remove from all users the log module ACL rights or disable logging."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:37:43.906Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f"
},
{
"name": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07"
},
{
"name": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging",
"tags": [
"x_refsource_MISC"
],
"url": "https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-7cp7-jfp6-jh4f",
"discovery": "UNKNOWN"
},
"title": "Improper Output Neutralization in Log Module in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22733",
"datePublished": "2023-01-17T21:37:43.906Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:21:56.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22732 (GCVE-0-2023-22732)
Vulnerability from cvelistv5
Published
2023-01-17 21:34
Modified
2025-03-10 21:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administration session has been added. As a result the user will be logged out when they are inactive. Users are advised to upgrade. There are no known workarounds for this issue.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f"
},
{
"name": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:48.235198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:02.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administration session has been added. As a result the user will be logged out when they are inactive. Users are advised to upgrade. There are no known workarounds for this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:34:26.912Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-59qg-93jg-236f"
},
{
"name": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/cd7a89cbcd3a0428c6d1ef27b3aa15467a722ff6"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-59qg-93jg-236f",
"discovery": "UNKNOWN"
},
"title": "Insufficient Session Expiration in Administration in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22732",
"datePublished": "2023-01-17T21:34:26.912Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:02.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22731 (GCVE-0-2023-22731)
Vulnerability from cvelistv5
Published
2023-01-17 21:31
Modified
2025-03-10 21:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w"
},
{
"name": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:58:32.609464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:08.214Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:31:45.875Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w"
},
{
"name": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-93cw-f5jj-x85w",
"discovery": "UNKNOWN"
},
"title": "Improper Control of Generation of Code in Twig rendered views in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22731",
"datePublished": "2023-01-17T21:31:45.875Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:08.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22730 (GCVE-0-2023-22730)
Vulnerability from cvelistv5
Published
2023-01-17 21:27
Modified
2025-03-10 21:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item's individuality and the user was able to bypass quantity limits in sales. This problem has been fixed with version 6.4.18.1. Users on major versions 6.1, 6.2, and 6.3 may also obtain this fix via a plugin.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg"
},
{
"name": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22730",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:33.924013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:13.869Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item\u0027s individuality and the user was able to bypass quantity limits in sales. This problem has been fixed with version 6.4.18.1. Users on major versions 6.1, 6.2, and 6.3 may also obtain this fix via a plugin. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:27:50.656Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-8r6h-m72v-38fg"
},
{
"name": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/4fce12096e54b2033832d9104fa2e68888c2b4e9"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-8r6h-m72v-38fg",
"discovery": "UNKNOWN"
},
"title": "Improper Input Validation of Clearance sale in cart"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22730",
"datePublished": "2023-01-17T21:27:50.656Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:13.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22734 (GCVE-0-2023-22734)
Vulnerability from cvelistv5
Published
2023-01-17 21:21
Modified
2025-03-10 21:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The newsletter double opt-in validation was not checked properly, and it was possible to skip the complete double opt in process. As a result operators may have inconsistencies in their newsletter systems. This problem has been fixed with version 6.4.18.1. Users are advised to upgrade. Users unable to upgrade may find security measures are available via a plugin for major versions 6.1, 6.2, and 6.3. Users may also disable newsletter registration completely.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:50.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2"
},
{
"name": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:51.298480Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:22:21.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "platform",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 6.4.18.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source commerce platform based on Symfony Framework and Vue js. The newsletter double opt-in validation was not checked properly, and it was possible to skip the complete double opt in process. As a result operators may have inconsistencies in their newsletter systems. This problem has been fixed with version 6.4.18.1. Users are advised to upgrade. Users unable to upgrade may find security measures are available via a plugin for major versions 6.1, 6.2, and 6.3. Users may also disable newsletter registration completely.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-17T21:21:23.973Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/platform/security/advisories/GHSA-46h7-vj7x-fxg2"
},
{
"name": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/platform/commit/f5a95ee2bcf1e546878450963ef1d9886e59a620"
},
{
"name": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates"
}
],
"source": {
"advisory": "GHSA-46h7-vj7x-fxg2",
"discovery": "UNKNOWN"
},
"title": "Improper Input Newsletter subscription option validation in shopware"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-22734",
"datePublished": "2023-01-17T21:21:23.973Z",
"dateReserved": "2023-01-06T14:21:05.891Z",
"dateUpdated": "2025-03-10T21:22:21.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36102 (GCVE-0-2022-36102)
Vulnerability from cvelistv5
Published
2022-09-12 20:00
Modified
2025-04-23 17:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-281 - Improper Preservation of Permissions
Summary
Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version (5.7.15). Users can get the update via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:52:00.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36102",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:01:00.343374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:12:08.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version (5.7.15). Users can get the update via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:00:24.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6"
}
],
"source": {
"advisory": "GHSA-qc43-pgwq-3q2q",
"discovery": "UNKNOWN"
},
"title": "Acess control list bypassed via crafted specific URLs",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36102",
"STATE": "PUBLIC",
"TITLE": "Acess control list bypassed via crafted specific URLs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003c 5.7.15"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version (5.7.15). Users can get the update via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-281: Improper Preservation of Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packagist.org/packages/shopware/shopware",
"refsource": "MISC",
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-qc43-pgwq-3q2q"
},
{
"name": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/de92d3a78279119a5bbe203054f8fa1d25126af6"
}
]
},
"source": {
"advisory": "GHSA-qc43-pgwq-3q2q",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-36102",
"datePublished": "2022-09-12T20:00:24.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:12:08.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36101 (GCVE-0-2022-36101)
Vulnerability from cvelistv5
Published
2022-09-12 20:00
Modified
2025-04-23 17:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update and may get the update either via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:52:00.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:01:02.994061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:12:13.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003c 5.7.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update and may get the update either via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:00:16.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
}
],
"source": {
"advisory": "GHSA-6vfq-jmxg-g58r",
"discovery": "UNKNOWN"
},
"title": "Sensitive data in backend customer module",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36101",
"STATE": "PUBLIC",
"TITLE": "Sensitive data in backend customer module"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003c 5.7.15"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update and may get the update either via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packagist.org/packages/shopware/shopware",
"refsource": "MISC",
"url": "https://packagist.org/packages/shopware/shopware"
},
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"name": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
}
]
},
"source": {
"advisory": "GHSA-6vfq-jmxg-g58r",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-36101",
"datePublished": "2022-09-12T20:00:16.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:12:13.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31148 (GCVE-0-2022-31148)
Vulnerability from cvelistv5
Published
2022-08-01 17:10
Modified
2025-04-23 17:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:03:05.582278Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:56:53.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shopware",
"vendor": "shopware",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.7.0, \u003c 5.7.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T17:10:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022"
}
],
"source": {
"advisory": "GHSA-5834-xv5q-cgfw",
"discovery": "UNKNOWN"
},
"title": "Persistent cross site scripting in customer module in Shopware",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31148",
"STATE": "PUBLIC",
"TITLE": "Persistent cross site scripting in customer module in Shopware"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shopware",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.7.0, \u003c 5.7.14"
}
]
}
}
]
},
"vendor_name": "shopware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw",
"refsource": "CONFIRM",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-5834-xv5q-cgfw"
},
{
"name": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf",
"refsource": "MISC",
"url": "https://github.com/shopware/shopware/commit/7875855005648fba7b39371a70816afae2e07daf"
},
{
"name": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022",
"refsource": "MISC",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-07-2022"
}
]
},
"source": {
"advisory": "GHSA-5834-xv5q-cgfw",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31148",
"datePublished": "2022-08-01T17:10:12.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:56:53.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}