← voltar
CVE-2019-12935

CVE-2019-12935

CVSS 7.4 HIGHEPSS 2.7%
Shopware before 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:R
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/153145/Shopware-5.5.6-Cross-Site-Scripting.htmlhttp://seclists.org/fulldisclosure/2019/Jun/32https://www.netsparker.com/web-applications-advisories/ns-19-004-cross-site-scripting-in-shopware/https://www.shopware.com/en/changelog/#5-5-8