Security Advisories - PKSA-3s8k-bkt9-x96b - Packagist

PKSA-3s8k-bkt9-x96b Security Advisory

[MEDIUM] EC-CUBE improperly handles HTTP Host header values

PKSA-3s8k-bkt9-x96b CVE-2022-25355 GHSA-pw97-6v74-9w3p

Affected package: ec-cube/ec-cube

Affected version: >=4.0.0,<=4.1.1|>=3.0.0,<=3.0.18-p3

Reported by:
GitHub