CVE-2022-28056: Incorrect Permission Assignment for Critical Resource
(updated )
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php.
References
Detect and mitigate CVE-2022-28056 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →