shopware/shopware is vulnerable to authorization bypass. A remote authenticated attacker is able to bypass access control lists and perform unintended acts in the system, when the backend admin controllers are called with a certain insecure notation.
CPE | Name | Operator | Version |
---|---|---|---|
shopware/shopware | le | v5.7.14 | |
shopware/shopware | le | v5.7.14 |