CVE-2024-42354 | Shopware up to 6.5.8.12/6.6.5.0 Store-API access control (GHSA-hhcq-ph6w-494g)

Posted by Angelo Barbosa | Aug 8, 2024 | CVE

A vulnerability was found in Shopware up to 6.5.8.12/6.6.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Store-API. The manipulation leads to improper access controls.

This vulnerability is handled as CVE-2024-42354. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-42354 | Shopware up to 6.5.8.12/6.6.5.0 Store-API access control (GHSA-hhcq-ph6w-494g)

Related Posts

CVE-2024-2596 | Amssplus AMSS++ 4.31 select_send.php cross site scripting

CVE-2024-7955 | Starbox Plugin up to 3.5.1 on WordPress Setting cross site scripting

CVE-2024-36115 | dzikoysk reposilite up to 3.5.11 cross site scripting (GHSA-9w8w-34vr-65j2)

CVE-2024-38686 | Pluginic FancyPost Plugin up to 5.3.1 on WordPress cross site scripting