Oxid · Oxid Eshop Enterprise Edition · CVE-2018-5763
Name of the Vulnerable Software and Affected Versions:
OXID eShop Enterprise Edition versions prior to 5.3.7
OXID eShop Enterprise Edition versions 6.x prior to 6.0.1
Description:
An issue allows an attacker to bring the shop server to a standstill by entering specially crafted URLs. This issue is only applicable if the OXID High Performance Option is activated and Varnish is used.
Recommendations:
For OXID eShop Enterprise Edition versions prior to 5.3.7, update to version 5.3.7 or later.
For OXID eShop Enterprise Edition versions 6.x prior to 6.0.1, update to version 6.0.1 or later.