CVE-2021-37707

🗓️ 16 Aug 2021 18:55:10Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 74 Views

Shopware eCommerce platform API manipulation vulnerabilit

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2021-37707	16 Aug 202119:15	–	attackerkb
Circl	CVE-2021-37707	16 Aug 202122:15	–	circl
CNNVD	Shopware 输入验证错误漏洞	16 Aug 202100:00	–	cnnvd
CNVD	Shopware Input Validation Error Vulnerability	18 Aug 202100:00	–	cnvd
Cvelist	CVE-2021-37707 Manipulation of product reviews via API	16 Aug 202118:55	–	cvelist
EUVD	EUVD-2021-1658	7 Oct 202500:30	–	euvd
Github Security Blog	Manipulation of product reviews via API	30 Aug 202116:14	–	github
NVD	CVE-2021-37707	16 Aug 202119:15	–	nvd
OSV	GHSA-9F8F-574Q-8JMF Manipulation of product reviews via API	30 Aug 202116:14	–	osv
Prion	Code injection	16 Aug 202119:15	–	prion

NVD

Vulners

Node

shopware shopwareRange6.1.0–6.4.3.1

[
  {
    "product": "platform",
    "vendor": "shopware",
    "versions": [
      {
        "status": "affected",
        "version": "<= 6.4.3.0"
      }
    ]
  }
]

Source	Link
github	www.github.com/shopware/platform/security/advisories/GHSA-9f8f-574q-8jmf
github	www.github.com/shopware/platform/commit/912b96de3b839c6c5525c98cbb58f537c2d838be

21 Nov 2024 06:15Current

6.8Medium risk

Vulners AI Score6.8

CVSS 25

CVSS 3.16.5 - 7.5

EPSS0.00215

CWE-20