First published: Tue Jan 17 2023
Shopware is an open source commerce platform based on the Symfony Framework and Vue.js. In a Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in Twig filters like `map`, `filter`, `sort`. This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed in 6.4.18.1 by overriding the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Shopware Shopware | <6.4.18.1 | |
CVE-2023-22731 is a vulnerability in Shopware, an open source commerce platform, that allows executing arbitrary PHP functions in templates.
CVE-2023-22731 has a severity rating of 8.8 (critical).
CVE-2023-22731 affects Shopware versions up to and including 6.4.18.1.
To fix CVE-2023-22731, update Shopware to a version beyond 6.4.18.1 and ensure the Twig environment has the Sandbox extension enabled.
More information about CVE-2023-22731 is available in the Shopware security updates documentation and the related GitHub commits and advisories.
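To review templates alongside the upgrade, the following added example (not part of the advisory or of Shopware's code) scans Twig source for calls to `map`, `filter` and `sort` whose first argument is a quoted function name or a variable rather than an arrow function. The name `audit_template`, the verdict labels and the sample template are assumptions constructed for illustration.

```python
import re

# Head of a call to one of the filters the advisory names: `|map(`, `| filter (`, `|sort(`.
CALL_HEAD = re.compile(r"\|\s*(map|filter|sort)\s*\(\s*")
# Twig arrow function as first argument: `v => ...` or `(a, b) => ...`.
ARROW = re.compile(r"\(?\s*[A-Za-z_]\w*(?:\s*,\s*[A-Za-z_]\w*)*\s*\)?\s*=>")
# Quoted string as first argument, i.e. a callable referenced by name.
STRING_ARG = re.compile(r"""(['"])(.*?)\1""")


def audit_template(source):
    """Return (line, filter, verdict, argument) for every non-arrow callable argument."""
    findings = []
    for call in CALL_HEAD.finditer(source):
        rest = source[call.end():]
        if rest.startswith(")") or ARROW.match(rest):
            continue  # no argument, or an arrow function: expected usage
        line_no = source.count("\n", 0, call.start()) + 1
        literal = STRING_ARG.match(rest)
        if literal:
            # A function name passed as a string is the pattern the advisory describes.
            findings.append((line_no, call.group(1), "named-callable", literal.group(2)))
        else:
            # A variable or expression: its value cannot be judged statically.
            arg = re.match(r"[^,)]*", rest).group(0).strip()
            findings.append((line_no, call.group(1), "review", arg))
    return findings


# Constructed sample template (not taken from Shopware); function names are benign.
SAMPLE = """\
{% for p in products|filter(p => p.active)|sort((a, b) => a.price <=> b.price) %}
  {{ p.name }}
{% endfor %}
{{ names|map('strtoupper')|join(', ') }}
{{ names | map(
    "trim"
) | join(', ') }}
{{ rows|filter(userCallback) }}
{{ rows|sort()|first }}
"""

if __name__ == "__main__":
    for finding in audit_template(SAMPLE):
        print(finding)
```

This is a regex heuristic, not a Twig parser, so it can miss calls built dynamically; it helps locate templates to review and does not replace the fixed release.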