4 matches found
CVE-2023-22732
creationtimestamp| type| source ---|---|--- 2023-01-18 00:15:45+00:00| seen| https://t.me/cibsecurity/56638...
CVE-2023-22732 Insufficient Session Expiration in Administration in shopware
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...
CVE-2023-22732
Shopware administration session expiration was set to one week, enabling reuse of a stolen session cookie. The issue is documented across multiple sources (CVE-2023-22732) and is mitigated by updating to version 6.4.18.1, which adds automatic logout after inactivity. The vulnerability affects the...
CVE-2023-22732 Insufficient Session Expiration in Administration in shopware
Shopware is an open source commerce platform based on Symfony Framework and Vue js. The Administration session expiration was set to one week, when an attacker has stolen the session cookie they could use it for a long period of time. In version 6.4.18.1 an automatic logout into the Administratio...