logo

Database

Reflected cross-site scripting (XSS) In shopware/shopware

Description

Shopware vulnerable to cross-site scripting (XSS) Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2022-481502. NVD-2022-481503. OSV-2022-481504. GCVE-2022-48150

References

1. https://github.com/sahilop123/-CVE-2022-481502. https://github.com/SahilH4ck4you/-CVE-2022-48150

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.