Description
Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a Cross-Site Scripting vulnerability via SVG media files. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| shopware | platform | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-1698 | Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a Cross-Site Scripting vulnerability via SVG media files. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. |
 Github GHSA |
GHSA-fc38-mxwr-pfhx | Cross-Site Scripting via SVG media files |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2024-08-04T01:23:01.529Z
Reserved: 2021-07-29T00:00:00.000Z
Link: CVE-2021-37710
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-08-16T23:15:07.923
Modified: 2024-11-21T06:15:45.890
Link: CVE-2021-37710
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses