8 matches found
GHSA-8PFH-MM2G-HMC3 Authenticated Server Side Request Forgery
Impact: Authenticated Server Side Request Forgery. Patches: We recommend updating to the current version 6.3.4.1. You can get the update to 6.3.4.1 regularly via the Auto-Updater or directly via the download overview: https://www.shopware.com/en/download/shopware-6 Workarounds: For older versions of...
Information exposure via query strings in URL
Impact: Information exposure via query strings in URL. Patches: We recommend updating to the current version 6.3.4.1. You can get the update to 6.3.4.1 regularly via the Auto-Updater or directly via the download overview: https://www.shopware.com/en/download/shopware-6 Workarounds: For older version...
GHSA-5Q58-X5H2-V5RX Authenticated Privilege Escalation
Impact: Authenticated Privilege Escalation. Patches: We recommend updating to the current version 6.3.4.1. You can get the update to 6.3.4.1 regularly via the Auto-Updater or directly via the download overview: https://www.shopware.com/en/download/shopware-6 Workarounds: For older versions of 6.1 an...
Authenticated Privilege Escalation
Impact: Authenticated Privilege Escalation. Patches: We recommend updating to the current version 6.3.4.1. You can get the update to 6.3.4.1 regularly via the Auto-Updater or directly via the download overview: https://www.shopware.com/en/download/shopware-6 Workarounds: For older versions of 6.1 an...
CVE-2012-4985
CVE-2012-4985 concerns the Forescout CounterACT NAC device 6.3.4.1, where ICMP and ARP traffic from unrecognized clients is not blocked. This results in a protocol-filter bypass that could enable ARP poisoning via crafted packets. The connected sources describe the impact as attacker-controlled A...
Forescout NAC 6.3.4.1 XSS / Redirection / Filter
Forescout NAC (Network Access Control) multiple vulnerabilities: Forescout NAC 6.3.4.1 Cross-Site Redirection Vulnerability (CVE-2012-4982). The Forescout NAC device is vulnerable to cross-site redirection and could be used to redirect a targeted victim to a malicious site. The 'a' parameter is...
Forescout CounterACT - a Open Redirection
Forescout CounterACT - a Open Redirection source: https://www.securityfocus.com/bid/56687/info Forescout CounterACT is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks...
Forescout CounterACT - 'a' Open Redirection
source: https://www.securityfocus.com/bid/56687/info Forescout CounterACT is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible. Forescout CounterACT 6.3.4....