CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34098 – Dependency configuration exposed in Shopware
https://notcve.org/view.php?id=CVE-2023-34098
Shopware is an open source e-commerce software. Due to an incorrect configuration in the `.htaccess` file, the configuration file of the Javascript could be read in production environments (`themes/package-lock.json`). With this information, the specific Shopware version in a deployment might be determined by an attacker, which could be used for further attacks. Users are advised to update to version 5.7.18. There are no known workarounds for this vulnerability. • https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023 https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9 https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a https://www.shopware.com/en/changelog-sw5/#5-7-18 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48150
https://notcve.org/view.php?id=CVE-2022-48150
Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI. • https://github.com/sahilop123/-CVE-2022-48150 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-2017 – Improper Control of Generation of Code in Twig Rendered Views in Shopware
https://notcve.org/view.php?id=CVE-2023-2017
Server-side Template Injection (SSTI) in Shopware 6 (<= v6.4.20.0, v6.5.0.0-rc1 <= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\Core\Framework\Adapter\Twig\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when referencing callables. Users are advised to upgrade to v6.4.20.1 to resolve this issue. This is a bypass of CVE-2023-22731. • https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-04-2023 https://github.com/shopware/platform/security/advisories/GHSA-7v2v-9rm4-7m8f https://starlabs.sg/advisories/23/23-2017 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-184: Incomplete List of Disallowed Inputs CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23941 – SwagPayPal payment not sent to PayPal correctly
https://notcve.org/view.php?id=CVE-2023-23941
SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used (PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card), the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has been fixed with version 5.4.4. As a workaround, disable the aforementioned payment methods or use the Security Plugin in version >= 1.0.21. • https://github.com/shopware/SwagPayPal/commit/57db5f4a57ef0a1646b509b415de9f03bf441b08 https://github.com/shopware/SwagPayPal/security/advisories/GHSA-vxpm-8hcp-qh27 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22733 – Improper Output Neutralization in Log Module in shopware
https://notcve.org/view.php?id=CVE-2023-22733
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions the log module would write out all kind of sent mails. An attacker with access to either the local system logs or a centralized logging store may have access to other users accounts. This issue has been addressed in version 6.4.18.1. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. • https://developer.shopware.com/docs/guides/hosting/performance/performance-tweaks#logging https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates https://github.com/shopware/platform/commit/407a83063d7141c1a626441799c3ebef79498c07 https://github.com/shopware/platform/security/advisories/GHSA-7cp7-jfp6-jh4f • CWE-532: Insertion of Sensitive Information into Log File •