Security Advisories - shopware/shopware - Packagist

shopware/shopware Security Advisories for v5.7.13 (5)

Shopware improper mail validation vulnerability

CVE-2023-34099

Affected version: >=5.1.4,<=5.7.17

Reported by:
GitHub
Shopware dependency configuration exposed

CVE-2023-34098

Affected version: >=5.6.0,<=5.7.17

Reported by:
GitHub
Shopware contains sensitive data in backend customer module

CVE-2022-36101

Affected version: <=5.7.14

Reported by:
GitHub
Shopware access control list bypassed via crafted specific URLs

CVE-2022-36102

Affected version: <=5.7.14

Reported by:
GitHub
Shopware vulnerable to persistent cross site scripting (XSS) in customer module

CVE-2022-31148

Affected version: >=5.7.0,<=5.7.13

Reported by:
GitHub