Lucene search
K

4 matches found

NVD
NVD
added 2023/01/17 10:15 p.m.38 views

CVE-2023-22733

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issu...

6.5CVSS4.4AI score0.00705EPSS
Exploits0References4
Prion
Prion
added 2023/01/17 10:15 p.m.17 views

Code injection

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issu...

4CVSS6.4AI score0.00705EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/01/17 9:37 p.m.65 views

CVE-2023-22733

CVE-2023-22733 affects Shopware’s log module in affected Shopware versions (notably 6.1, 6.2, 6.3, and up to 6.4.18.1). The vulnerability is an information disclosure risk where the log output may contain sensitive data, including password reset emails, if an attacker can access local system logs...

6.5CVSS4.9AI score0.00705EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/01/17 9:37 p.m.27 views

CVE-2023-22733 Improper Output Neutralization in Log Module in shopware

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issu...

2.7CVSS6.2AI score0.00705EPSS
Exploits0References6
Rows per page
Query Builder