PT-2021-24400 — Exposure of Resource to Wrong Sphere in Shopware Shopware

PT-2021-24400 · Shopware · Shopware

Published

2021-04-13

Updated

2021-04-13

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.3.5.3

Description: The issue allows for manipulation after the order payment process. It is recommended to update to the latest version to ensure security. There are security measures available for older versions via a plugin, but updating to the latest version is advised for the full range of functions.

Recommendations: For versions prior to 6.3.5.3, update to version 6.3.5.3. For older versions of 6.1 and 6.2, install the corresponding security plugin.

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668

Related Identifiers

GHSA-88RC-3P98-RGVX

Affected Products

Shopware

PT-2021-24400 · Shopware · Shopware

Weakness Enumeration

Related Identifiers

Affected Products

References · 2