Authenticated Stored XSS Vulnerability in Shopware Administration

Authenticated Stored XSS Vulnerability in Shopware Administration

CVE-2022-31057 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue.

Learn more about our E Commerce Pen Testing.