Vulnerabilities > Shopware > Shopware > 6.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-20 | CVE-2022-24871 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Shopware is an open commerce platform based on Symfony Framework and Vue. | 5.5 |
2022-03-09 | CVE-2022-24744 | Insufficient Session Expiration vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 3.5 |
2022-03-09 | CVE-2022-24745 | Session Fixation vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 5.8 |
2022-03-09 | CVE-2022-24746 | Cross-site Scripting vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 4.3 |
2022-03-09 | CVE-2022-24747 | Exposure of Resource to Wrong Sphere vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 5.3 |
2022-03-09 | CVE-2022-24748 | Incorrect Authorization vulnerability in Shopware Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. | 7.5 |
2021-08-16 | CVE-2021-37710 | Cross-site Scripting vulnerability in Shopware Shopware is an open source eCommerce platform. | 3.5 |
2021-08-16 | CVE-2021-37711 | Server-Side Request Forgery (SSRF) vulnerability in Shopware Versions prior to 6.4.3.1 contain an authenticated server-side request forgery vulnerability in file upload via URL. | 6.5 |
2021-08-16 | CVE-2021-37709 | Authorization Bypass Through User-Controlled Key vulnerability in Shopware Shopware is an open source eCommerce platform. | 4.0 |
2021-08-16 | CVE-2021-37708 | OS Command Injection vulnerability in Shopware Shopware is an open source eCommerce platform. | 9.8 |