Skip to content

Persistent XSS in customer module in Shopware

Low severity GitHub Reviewed Published Nov 9, 2020 in shopware5/shopware • Updated Jan 9, 2023

Package

composer shopware/shopware (Composer)

Affected versions

< 5.6.9

Patched versions

5.6.9

Description

Impact

Persistent XSS in customer module

Patches

We recommend updating to the current version 5.6.9. You can get the update to 5.6.9 regularly via the Auto-Updater or directly via the download overview.

For older versions you can use the Security Plugin:
https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html

References

https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-11-2020

References

@shyim shyim published to shopware5/shopware Nov 9, 2020
Reviewed Nov 13, 2020
Published to the GitHub Advisory Database Nov 13, 2020
Last updated Jan 9, 2023

Severity

Low

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-6gv9-7q4g-pmvm

Source code

No known source code
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.