Under certain circumstances it is possible to execute an authorized foreign code in Shopware version prior to 5.2.25.
CPE | Name | Operator | Version |
---|---|---|---|
shopware/shopware | ge | 4.2.0 | |
shopware/shopware | lt | 5.2.25 |
community.shopware.com/_detail_2015.html
docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2017?category=shopware-5-en/security-updates
github.com/advisories/GHSA-83jv-4prm-34g7
github.com/FriendsOfPHP/security-advisories/blob/master/shopware/shopware/2017-06-22.yaml
github.com/shopware5/shopware/commit/8f6a7cefcba7547276892b82f64e4874c1a0dfed