GHSA-q754-vwc4-p6qj

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-q754-vwc4-p6qj/GHSA-q754-vwc4-p6qj.json
Aliases
  • CVE-2022-31057
Published
2022-06-22T17:53:34Z
Modified
2022-06-22T17:53:34Z
Details

Impact

Authenticated Stored XSS in Administration

Patches

We recommend updating to version 5.7.12. You can get the update to 5.7.12 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/de/changelog-sw5/#5-7-12

For older versions you can use the Security Plugin: https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html

References

https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2022

References

Affected packages

Packagist / shopware/shopware

shopware/shopware

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
5.7.12

Affected versions