logo

Database

Server side template injection In shopware/platform

Description

Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag

Impact

Shopware has a new Twig Tag sw_silent_feature_call which silences deprecation messages while triggered in this tag. It accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code.

Patches

Update to Shopware 6.6.5.1 or 6.5.8.13

Workarounds

For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2024-423552. NVD-2024-423553. OSV-2024-423554. GHSA-27wp-jvhw-v4xp5. GCVE-2024-42355

References

1. https://github.com/shopware/shopware/security/advisories/GHSA-27wp-jvhw-v4xp2. https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f3. https://github.com/shopware/core/commit/d35ee2eda5c995faeb08b3dad127eab65c64e2a24. https://github.com/shopware/shopware/commit/445c6763cc093fbd651e0efaa4150deae4ae60da5. https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.