Security Advisories - shopware/core

shopware/core Security Advisories for v6.1.0-rc3 (39)

[HIGH] Shopware vulnerable to blind SQL-injection in DAL aggregations

PKSA-wp2c-7yp8-5fvs CVE-2024-42357 GHSA-p6w9-r443-r752

Affected version: >=6.6.0.0,<=6.6.5.0|<=6.5.8.12

Reported by:
GitHub
[HIGH] Shopware vulnerable to Server Side Template Injection in Twig using Context functions

PKSA-kt1g-n1g2-hzb4 CVE-2024-42356 GHSA-35jp-8cgg-p4wj

Affected version: >=6.6.0.0,<=6.6.5.0|<=6.5.8.12

Reported by:
GitHub
[HIGH] Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag

PKSA-6stq-czfs-1nvv CVE-2024-42355 GHSA-27wp-jvhw-v4xp

Affected version: >=6.6.0.0,<=6.6.5.0|<=6.5.8.12

Reported by:
GitHub
[MEDIUM] Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api

PKSA-4spx-rq41-wk8h CVE-2024-42354 GHSA-hhcq-ph6w-494g

Affected version: >=6.6.0.0,<=6.6.5.0|<=6.5.8.12

Reported by:
GitHub
[MEDIUM] Broken Access Control order API in Shopware

PKSA-mm7q-gnjj-tttn CVE-2024-22407 GHSA-3867-jc5c-66qf

Affected version: <=6.5.7.3

Reported by:
GitHub
[CRITICAL] Blind SQL injection in shopware

PKSA-ktmn-6519-qrdp CVE-2024-22406 GHSA-qmp9-2xwj-m6m9

Affected version: <=6.5.7.3

Reported by:
GitHub
[HIGH] Improper Control of Generation of Code in Twig rendered views

PKSA-kd1k-vbw9-69fx CVE-2023-2017 GHSA-7v2v-9rm4-7m8f

Affected version: <=6.4.20.0

Reported by:
GitHub
[MEDIUM] Shopware has Improper Input Validation issue in newsletter subscription

PKSA-zbt5-mjsz-9f2t CVE-2023-22734 GHSA-46h7-vj7x-fxg2

Affected version: <=6.4.18.0

Reported by:
GitHub
[LOW] Shopware has Insufficient Session Expiration in Administration

PKSA-bnh5-5drc-b8g8 CVE-2023-22732 GHSA-59qg-93jg-236f

Affected version: <=6.4.18.0

Reported by:
GitHub
[LOW] Shopware's log module vulnerable to Improper Output Neutralization

PKSA-88mf-d614-87c1 CVE-2023-22733 GHSA-7cp7-jfp6-jh4f

Affected version: <=6.4.18.0

Reported by:
GitHub
[CRITICAL] Shopware vulnerable to Improper Control of Generation of Code in Twig rendered views

PKSA-s94v-mcmm-ycmg CVE-2023-22731 GHSA-93cw-f5jj-x85w

Affected version: <=6.4.18.0

Reported by:
GitHub
[MEDIUM] Shopware vulnerable to Improper Input Validation of Clearance sale in cart

PKSA-zr2k-54cr-tb84 CVE-2023-22730 GHSA-8r6h-m72v-38fg

Affected version: <=6.4.18.0

Reported by:
GitHub
[HIGH] Shopware database password is leaked to an unauthenticated users

PKSA-9p6y-gqwk-1x5q CVE-2020-13997 GHSA-r4ph-mx67-x58p

Affected version: >=6.0.0,<6.2.3

Reported by:
GitHub
[HIGH] Improper Access Control in Shopware

PKSA-np7f-fmcq-spzn CVE-2022-24872 GHSA-9wrv-g75h-8ccc

Affected version: <=6.3.4.0

Reported by:
GitHub
[HIGH] Server-Side Request Forgery (SSRF) in Shopware

PKSA-34sw-dmrz-s3ct CVE-2022-24871 GHSA-7gm7-8q8v-9gf2

Affected version: <=6.4.9.0

Reported by:
GitHub
[MEDIUM] Incorrect Authentication in shopware

PKSA-3mg1-qgkz-fhzr CVE-2022-24748 GHSA-83vp-6jqg-6cmr

Affected version: <=6.4.8.1

Reported by:
GitHub
[MEDIUM] HTTP caching is marking private HTTP headers as public in Shopware

PKSA-ccnj-bqfc-887j CVE-2022-24747 GHSA-6wrh-279j-6hvw

Affected version: <=6.4.8.1

Reported by:
GitHub
[MEDIUM] HTML injection possibility in voucher code form in Shopware

PKSA-tnyf-cn12-jhmf CVE-2022-24746 GHSA-952p-fqcp-g8pc

Affected version: <=6.4.8.0

Reported by:
GitHub
[LOW] Shopware user session is not logged out if the password is reset via password recovery

PKSA-9h2g-h8jc-v38b CVE-2022-24744 GHSA-w267-m9c4-8555

Affected version: <=6.4.8.0

Reported by:
GitHub
[CRITICAL] Webcache Poisoning in shopware/platform and shopware/core

PKSA-r6j6-5wr2-cc9q GHSA-r64m-qchj-hrjp

Affected version: <=6.4.6.0

Reported by:
GitHub
[MEDIUM] Insecure direct object reference of log files of the Import/Export feature

PKSA-tncs-rfhx-6t79 CVE-2021-37709 GHSA-54gp-qff8-946c

Affected version: <=6.4.3.0

Reported by:
GitHub
[HIGH] Command injection in mail agent settings

PKSA-wctr-h2vg-1nrg CVE-2021-37708 GHSA-xh55-2fqp-p775

Affected version: <=6.4.3.0

Reported by:
GitHub
[MEDIUM] Manipulation of product reviews via API

PKSA-76b3-wj95-w3n3 CVE-2021-37707 GHSA-9f8f-574q-8jmf

Affected version: <=6.4.3.0

Reported by:
GitHub
[HIGH] Cross-Site Scripting via SVG media files

PKSA-dcdx-j2xt-9813 CVE-2021-37710 GHSA-fc38-mxwr-pfhx

Affected version: <=6.4.3.0

Reported by:
GitHub
[HIGH] Authenticated server-side request forgery in file upload via URL.

PKSA-3yhk-2pz8-h48v CVE-2021-37711 GHSA-gcvv-gq92-x94r

Affected version: <=6.4.3.0

Reported by:
GitHub
[MEDIUM] non-admin users can create integration role with administrator role

PKSA-3p6r-87dj-whfm GHSA-243q-g9j3-qf6r

Affected version: <=6.4.1.0

Reported by:
GitHub
[MEDIUM] Internal hidden fields are visible on to many associations in admin api

PKSA-8p45-24gp-8k7z GHSA-gpmh-g94g-qrhr

Affected version: <=6.4.1.0

Reported by:
GitHub
[HIGH] Private files publicly accessible with Cloud Storage providers

PKSA-kgcc-rqqz-w9xv GHSA-vrf2-xghr-j52v

Affected version: <=6.4.1.0

Reported by:
GitHub
[LOW] Creation of order credits was not validated by acl in admin orders

PKSA-2xdh-9trx-qcrk GHSA-g7w8-pp9w-7p32

Affected version: <=6.4.1.0

Reported by:
GitHub
[MEDIUM] Canceling of orders not related to the logged-in user

PKSA-k445-97f2-7qf2 GHSA-wq3r-jwrq-xg6w

Affected version: <=6.4.1.0

Reported by:
GitHub
[CRITICAL] After order payment process manipulation in shopware/platform and shopware/core

PKSA-r1zt-9fkv-dfbw GHSA-88rc-3p98-rgvx

Affected version: <=6.3.5.2

Reported by:
GitHub
[CRITICAL] Leak of information via Store-API aggregations in shopware/platform and shopware/core

PKSA-yqs3-j5sh-fdbk GHSA-qg7c-q3vq-rgxr

Affected version: <=6.3.5.2

Reported by:
GitHub
[LOW] Authenticated Server Side Request Forgery

PKSA-vjm7-rzy9-mbj6 GHSA-8pfh-mm2g-hmc3

Affected version: <=6.3.4.0

Reported by:
GitHub
[LOW] Information exposure via query strings in URL

PKSA-38x3-88s9-63nc GHSA-cq6h-w3mc-57f4

Affected version: <=6.3.4.0

Reported by:
GitHub
[LOW] Authenticated Privilege Escalation

PKSA-8v5c-w6ym-24yy GHSA-5q58-x5h2-v5rx

Affected version: <=6.3.4.0

Reported by:
GitHub
[LOW] Denial of Service via Cache Flooding

PKSA-vnb3-v6ks-9jtq GHSA-p68v-frgx-4rjp

Affected version: <=6.3.2.0

Reported by:
GitHub
[MEDIUM] Authenticated XML External Entity Processing

PKSA-d2xz-mykd-kfb6 GHSA-8xv9-qcr9-ww9j

Affected version: <=6.3.2.0

Reported by:
GitHub
[LOW] Non-persistent XSS in the Storefront in Shopware

PKSA-y1sr-zggs-293q GHSA-qvhr-55hg-3qwv

Affected version: <=6.3.1.0

Reported by:
GitHub
[LOW] RCE in Third Party Library in Shopware

PKSA-3fgf-95z8-37f5 GHSA-qvc5-cfrr-384v

Affected version: <=6.3.1.0

Reported by:
GitHub

shopware/core Security Advisories for v6.1.0-rc3 (39)

[HIGH] Shopware vulnerable to blind SQL-injection in DAL aggregations

[HIGH] Shopware vulnerable to Server Side Template Injection in Twig using Context functions

[HIGH] Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag

[MEDIUM] Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api

[MEDIUM] Broken Access Control order API in Shopware

[CRITICAL] Blind SQL injection in shopware

[HIGH] Improper Control of Generation of Code in Twig rendered views

[MEDIUM] Shopware has Improper Input Validation issue in newsletter subscription

[LOW] Shopware has Insufficient Session Expiration in Administration

[LOW] Shopware's log module vulnerable to Improper Output Neutralization

[CRITICAL] Shopware vulnerable to Improper Control of Generation of Code in Twig rendered views

[MEDIUM] Shopware vulnerable to Improper Input Validation of Clearance sale in cart

[HIGH] Shopware database password is leaked to an unauthenticated users

[HIGH] Improper Access Control in Shopware

[HIGH] Server-Side Request Forgery (SSRF) in Shopware

[MEDIUM] Incorrect Authentication in shopware

[MEDIUM] HTTP caching is marking private HTTP headers as public in Shopware

[MEDIUM] HTML injection possibility in voucher code form in Shopware

[LOW] Shopware user session is not logged out if the password is reset via password recovery

[CRITICAL] Webcache Poisoning in shopware/platform and shopware/core

[MEDIUM] Insecure direct object reference of log files of the Import/Export feature

[HIGH] Command injection in mail agent settings

[MEDIUM] Manipulation of product reviews via API

[HIGH] Cross-Site Scripting via SVG media files

[HIGH] Authenticated server-side request forgery in file upload via URL.

[MEDIUM] non-admin users can create integration role with administrator role

[MEDIUM] Internal hidden fields are visible on to many associations in admin api

[HIGH] Private files publicly accessible with Cloud Storage providers

[LOW] Creation of order credits was not validated by acl in admin orders

[MEDIUM] Canceling of orders not related to the logged-in user

[CRITICAL] After order payment process manipulation in shopware/platform and shopware/core

[CRITICAL] Leak of information via Store-API aggregations in shopware/platform and shopware/core

[LOW] Authenticated Server Side Request Forgery

[LOW] Information exposure via query strings in URL

[LOW] Authenticated Privilege Escalation

[LOW] Denial of Service via Cache Flooding

[MEDIUM] Authenticated XML External Entity Processing

[LOW] Non-persistent XSS in the Storefront in Shopware

[LOW] RCE in Third Party Library in Shopware