Database Password Leakage in Shopware 6.2.3

Database Password Leakage in Shopware 6.2.3

CVE-2020-13997 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In Shopware before 6.2.3, the database password is leaked to an unauthenticated user when a DriverException occurs and verbose error handling is enabled.

Learn more about our User Device Pen Test.