CVE-2024-42356 | Shopware up to 6.5.8.12/6.6.5.0 context special elements used in a template engine (GHSA-35jp-8cgg-p4wj)

Inserito da Angelo Barbosa | Ago 8, 2024 | CVE

A vulnerability classified as critical was found in Shopware up to 6.5.8.12/6.6.5.0. This vulnerability affects unknown code. The manipulation of the argument context leads to improper neutralization of special elements used in a template engine.

This vulnerability was named CVE-2024-42356. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-42356 | Shopware up to 6.5.8.12/6.6.5.0 context special elements used in a template engine (GHSA-35jp-8cgg-p4wj)

Post correlati

CVE-2023-49569 | go-git prior 5.11.0 Git Server Reply path traversal

CVE-2024-40492 | Heartbeat Chat 15.2.1 setname cross site scripting

CVE-2024-32017 | RIOT-OS up to 2023.10 gcoap_dns_server_proxy_get buffer overflow

CVE-2023-46566 | msoulier tftpy 467017b844bf6e31745138a30e2509145b0c529c TftpPacketFactory buffer overflow