GHSA-jqr7-5h7r-ch8p: Shopware Non-Persistent XSS in the Frontend
A non-persistent Cross-Site Scripting (XSS) vulnerability has been identified in the Shopware eCommerce platform within the frontend. This vulnerability may allow an attacker to inject and execute malicious scripts in the context of a victim’s web browser.
References
- community.shopware.com/_detail_2048.html
- docs.shopware.com/en/shopware-5-en/security-updates/security-update-01-2018?category=shopware-5-en/security-updates
- github.com/FriendsOfPHP/security-advisories/blob/master/shopware/shopware/2018-01-22.yaml
- github.com/advisories/GHSA-jqr7-5h7r-ch8p
- github.com/shopware5/shopware
- github.com/shopware5/shopware/commit/54461aa651566dc2701b873fe6bd94589604751b
Detect and mitigate GHSA-jqr7-5h7r-ch8p with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →