First published: Wed Mar 09 2022(Updated: )
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Shopware Shopware | <6.4.8.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-24747 is a vulnerability in Shopware, an open commerce platform, that allows sensitive HTTP headers to be exposed via HTTP caches.
CVE-2022-24747 has a severity rating of medium, with a severity value of 5.3.
Affected versions of Shopware, up to 6.4.8.2, do not properly set sensitive HTTP headers to be non-cacheable.
To fix CVE-2022-24747 in Shopware, you should apply the necessary security updates provided by the vendor (Shopware) and follow their recommended guidelines.
You can find more information about CVE-2022-24747 on the official Shopware documentation and the related GitHub references provided.