An issue exists in OXID eShop Enterprise Edition prior to 5.3.7 and 6.x prior to 6.0.1. By entering specially crafted URLs, an attacker is able to bring the shop server to a standstill and hence, it stops working. This is only valid if OXID High Performance Option is activated and Varnish is used.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oxid-esales eshop |
||
oxid-esales eshop 6.0.0 |