2 matches found
CVE-2021-37709
Shopware’s CVE-2021-37709 affects the Import/Export log-file handling. Versions prior to 6.4.3.1 are vulnerable to an insecure direct object reference of log files. A patch is available in 6.4.3.1; for older 6.1–6.3 deployments, security measures via a plugin are provided as a workaround. The fla...
CVE-2021-37709 Insecure direct object reference of log files of the Import/Export feature
Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding securit...