2 matches found
CVE-2022-24871
Shopware is an open commerce platform based on Symfony Framework and Vue. In affected versions an attacker can abuse the Admin SDK functionality on the server to read or update internal resources. Users are advised to update to the current version 6.4.10.1. For older versions of 6.1, 6.2, and 6.3...
CVE-2022-24871
Shopware SSRF vulnerability (CVE-2022-24871) enables an attacker to abuse the Admin SDK on the server to read or update internal resources. Affected: Shopware platform; current fix is upgrade to 6.4.10.1. For 6.1/6.2/6.3, security measures via a plugin are available. No public workaround document...