3 matches found
CVE-2022-24744
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions user sessions are not logged out if the password is reset via password recovery. This issue has been resolved in version 6.4.8.1. For older versions of 6.1, 6.2, and 6.3...
CVE-2022-24744
CVE-2022-24744 – Shopware Affected: Shopware (open commerce platform based on Symfony and Vue) where, in affected versions, user sessions remain active after a password reset via the recovery flow. Root cause (as described in security docs): insufficient session expiration management allowing a u...
CVE-2022-24744 Insufficient Session Expiration in shopware
Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions user sessions are not logged out if the password is reset via password recovery. This issue has been resolved in version 6.4.8.1. For older versions of 6.1, 6.2, and 6.3...