shopware/shopware is vulnerable to information disclosure. The vulnerability exists in Account.php
because multiple tokens requests are allowed and the generated tokens are not properly validated during a password reset which allows an attacker to gain access to user’s email account and token information.
CPE | Name | Operator | Version |
---|---|---|---|
shopware/shopware | le | 1.0.8 | |
shopware/shopware | le | v5.7.8 | |
shopware/shopware | le | 1.0.8 | |
shopware/shopware | le | v5.7.8 |
docs.shopware.com/en/shopware-5-en/security-updates/security-update-04-2022
github.com/shopware/shopware/blob/1.0.8/engine/Shopware/Controllers/Frontend/Account.php#L502-L514
github.com/shopware/shopware/commit/4f511964c6f721387a7713238155f028898eda17
github.com/shopware/shopware/security/advisories/GHSA-3qrq-r688-vvh4
www.shopware.com/en/changelog-sw5/#5-7-9