Published: 23/06/2019 Updated: 25/06/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Shopware prior to 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

shopware shopware

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Fri, May 31, 2019 at 10:48:05AM +0200, Daniel Bishtawi wrote: Please use CVE-2019-12935 for this vulnerability - -- Henri Salo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAl0QcMUACgkQJ633pE6q dXSKkA/+PT6Itfpm1o2EA66OiSDUinWJmuYTExFeb6nnQepcNNynBJiYypeCNOYW iViSK ...