Security Advisory

CVE-2021-37709

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-16 22:05:12

Last updated 2024-08-04 01:23:01

Assigner GitHub_M

State PUBLISHED

Description

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.

← Browse all CVEs View on cve.org ↗