Vulnerabilities > Shopware > Shopware > 5.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2022-31057 | Cross-site Scripting vulnerability in Shopware Shopware is an open source e-commerce software made in Germany. | 3.5 |
| 2022-04-28 | CVE-2022-24879 | Cross-Site Request Forgery (CSRF) vulnerability in Shopware Shopware is an open source e-commerce software platform. | 5.0 |
| 2022-04-28 | CVE-2022-24892 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Shopware Shopware is an open source e-commerce software platform. | 6.8 |
| 2022-04-28 | CVE-2022-24873 | Cross-site Scripting vulnerability in Shopware Shopware is an open source e-commerce software platform. | 4.3 |
| 2022-04-20 | CVE-2022-24872 | Incorrect Permission Assignment for Critical Resource vulnerability in Shopware Shopware is an open commerce platform based on Symfony Framework and Vue. | 5.5 |
| 2022-04-20 | CVE-2022-24871 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Shopware is an open commerce platform based on Symfony Framework and Vue. | 5.5 |
| 2022-03-09 | CVE-2022-24744 | Insufficient Session Expiration vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 3.5 |
| 2022-03-09 | CVE-2022-24745 | Session Fixation vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 5.8 |
| 2022-03-09 | CVE-2022-24746 | Cross-site Scripting vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 4.3 |
| 2022-03-09 | CVE-2022-24747 | Exposure of Resource to Wrong Sphere vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 5.3 |