Vulnerabilities > Shopware > Shopware > 6.4.4.0

DATE CVE VULNERABILITY TITLE RISK
2022-04-20 CVE-2022-24871 Server-Side Request Forgery (SSRF) vulnerability in Shopware
Shopware is an open commerce platform based on Symfony Framework and Vue.
network
low complexity
shopware CWE-918
5.5
5.5
2022-03-09 CVE-2022-24744 Insufficient Session Expiration vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
shopware CWE-613
3.5
3.5
2022-03-09 CVE-2022-24745 Session Fixation vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
shopware CWE-384
5.8
5.8
2022-03-09 CVE-2022-24746 Cross-site Scripting vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
shopware CWE-79
4.3
4.3
2022-03-09 CVE-2022-24747 Exposure of Resource to Wrong Sphere vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
low complexity
shopware CWE-668
5.3
5.3
2022-03-09 CVE-2022-24748 Incorrect Authorization vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework.
network
low complexity
shopware CWE-863
7.5
7.5