CVE-2024-42355: Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag
Shopware has a new Twig Tag sw_silent_feature_call which silences deprecation messages while triggered in this tag.
It accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code.
References
- github.com/advisories/GHSA-27wp-jvhw-v4xp
- github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f
- github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a2
- github.com/shopware/shopware
- github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da
- github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac
- github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp
- nvd.nist.gov/vuln/detail/CVE-2024-42355
Detect and mitigate CVE-2024-42355 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →