exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2022-24748

почти 4 года назад

Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without App Permission. This issue is a result of improper api route checking. Users are advised to upgrade to version 6.4.8.2. There are no known workarounds.

CVSS3: 6.8

EPSS: Низкий

GHSA-83vp-6jqg-6cmr

почти 4 года назад

Incorrect Authentication in shopware

CVSS3: 6.8

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2022-24748 Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without App Permission. This issue is a result of improper api route checking. Users are advised to upgrade to version 6.4.8.2. There are no known workarounds.	CVSS3: 6.8	0% Низкий	почти 4 года назад
	GHSA-83vp-6jqg-6cmr Incorrect Authentication in shopware	CVSS3: 6.8	0% Низкий	почти 4 года назад

Уязвимостей на страницу