2 matches found
CVE-2022-36101
Shopware is an open source e-commerce software. In affected versions the request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. These fields are now explicitly unset in version 5.7.15. Users are advised to update an...
CVE-2022-36101
The CVE-2022-36101 issue affects Shopware (Shopware 5.x). In affected versions, the backend customer detail view could expose sensitive data, specifically hashed passwords and session IDs, to unauthorized viewers. The root cause is that the request for the customer detail view did not unset these...