First published: Tue Jan 15 2019(Updated: )
Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Shopware Shopware | <5.4.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-20713 is a vulnerability in Shopware before version 5.4.3 that allows SQL Injection by remote authenticated users.
CVE-2018-20713 has a severity rating of 8.8, which is considered high.
To fix CVE-2018-20713, update Shopware to version 5.4.3 or above.
You can find more information about CVE-2018-20713 at the following references: [link1], [link2], [link3].
The CWE for CVE-2018-20713 is CWE-89, which is a vulnerability related to improper neutralization of special elements used in an SQL command.