Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability.
References
Configurations
History
21 Nov 2024, 08:06
Type | Values Removed | Values Added |
---|---|---|
References | () https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023 - Patch, Vendor Advisory | |
References | () https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5 - Vendor Advisory | |
References | () https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d - Patch | |
References | () https://www.shopware.com/en/changelog-sw5/#5-7-18 - Release Notes |
06 Jul 2023, 15:58
Type | Values Removed | Values Added |
---|---|---|
First Time |
Shopware shopware
Shopware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CPE | cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3d - Patch | |
References | (MISC) https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023 - Patch, Vendor Advisory | |
References | (MISC) https://www.shopware.com/en/changelog-sw5/#5-7-18 - Release Notes | |
References | (MISC) https://github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5 - Vendor Advisory |
27 Jun 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-27 17:15
Updated : 2024-11-21 08:06
NVD link : CVE-2023-34099
Mitre link : CVE-2023-34099
CVE.ORG link : CVE-2023-34099
JSON object : View
Products Affected
shopware
- shopware
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions