CVE-2021-37707: Improper Input Validation

August 16, 2021 (updated August 24, 2021)

Shopware is an open source eCommerce platform. contain a vulnerability that allows manipulation of product reviews via API. contains a patch. As workarounds for older versions of, corresponding security measures are also available via a plugin.

References

nvd.nist.gov/vuln/detail/CVE-2021-37707

Detect and mitigate CVE-2021-37707 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →