← volver
CVE-2019-12935

CVE-2019-12935

CVSS 7.4 HIGHEPSS 2.7%
Shopware before 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:R
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/153145/Shopware-5.5.6-Cross-Site-Scripting.htmlhttp://seclists.org/fulldisclosure/2019/Jun/32https://www.netsparker.com/web-applications-advisories/ns-19-004-cross-site-scripting-in-shopware/https://www.shopware.com/en/changelog/#5-5-8