CVE-2023-22731

Improper Control of Generation of Code ('Code Injection') in packagist/shopware/core

Identifiers

CVE-2023-22731, GHSA-93cw-f5jj-x85w

Package Slug

packagist/shopware/core

Vulnerability

Improper Control of Generation of Code ('Code Injection')

Description

Shopware is an open source commerce platform based on the Symfony framework and Vue.js. In a Twig environment without the Sandbox extension, Twig filters such as map, filter, and sort accept references to PHP functions. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed in 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.
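One way to write a filter override of the kind described above, as an added example that is not Shopware's patch or code from this advisory. The class name ClosureOnlyFiltersExtension is hypothetical, twig/twig is assumed to be installed, and the rule it applies (only Twig arrow functions, which compile to PHP closures, are accepted as callbacks) is an assumption; the advisory does not say what the real override permits.

```php
<?php
use Twig\Error\RuntimeError;
use Twig\Extension\AbstractExtension;
use Twig\TwigFilter;

// Hypothetical extension (added example): re-defines three built-in filters so
// the callback must be a Closure; a string naming a PHP function is refused.
final class ClosureOnlyFiltersExtension extends AbstractExtension
{
    public function getFilters(): array
    {
        return array_map(fn (string $n) => new TwigFilter($n, [$this, $n]), ['map', 'filter', 'sort']);
    }

    public function map(iterable $items, $callback): array
    {
        $fn = $this->requireClosure($callback, 'map');
        $result = [];
        foreach ($this->toArray($items) as $key => $value) {
            $result[$key] = $fn($value, $key); // same (value, key) order as Twig's map
        }
        return $result;
    }

    public function filter(iterable $items, $callback = null): array
    {
        $array = $this->toArray($items);
        if ($callback === null) {
            return array_filter($array); // no callback: drop falsy values
        }
        return array_filter($array, $this->requireClosure($callback, 'filter'), ARRAY_FILTER_USE_BOTH);
    }

    public function sort(iterable $items, $callback = null): array
    {
        $array = $this->toArray($items);
        $callback === null ? asort($array) : uasort($array, $this->requireClosure($callback, 'sort'));
        return $array;
    }

    private function toArray(iterable $items): array
    {
        return $items instanceof \Traversable ? iterator_to_array($items) : $items;
    }

    private function requireClosure($callback, string $filter): \Closure
    {
        if (!$callback instanceof \Closure) {
            throw new RuntimeError(sprintf('The "%s" filter only accepts arrow functions.', $filter));
        }
        return $callback;
    }
}
```

Register it with `$twig->addExtension(new ClosureOnlyFiltersExtension())` after the other extensions so that its definitions replace the built-in filters. It is an illustration of the mitigation, not a substitute for upgrading.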

Affected Versions

All versions before 6.4.18.1

Solution

Upgrade to version 6.4.18.1 or above.

Last Modified

2023-01-18
