Security Advisory

CVE-2025-27892

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-15 00:00:00

Last updated 2025-04-16 18:32:23

Assigner mitre

State PUBLISHED

Description

Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression.

← Browse all CVEs View on cve.org ↗