PT-2026-25031 · Swag · Platform-Security
Amenk
·
Publicado
2026-03-12
·
Atualizado
2026-03-12
·
CVE-2026-32100
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Shopware versions prior to 2.0.16
Shopware versions prior to 3.0.12
Shopware versions prior to 4.0.7
Description
The
/api/ info/config API endpoint exposes information about active security fixes. This allows potential attackers to gain insights into the security posture of the Shopware platform.Recommendations
Update to Shopware version 2.0.16 or later.
Update to Shopware version 3.0.12 or later.
Update to Shopware version 4.0.7 or later.
Exploit
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Platform-Security