CVE-2024-42356

HIGH EPSS 46.4%
Published Aug 8, 2024 · Modified Jun 17, 2026
7.2 CVSS 3.1
High

Description

Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost every Twig template and gives access to the current language and currency information. The context object also provides a helper that switches the scope of the Context for a short time and takes a callable function. This helper can be called from Twig as well, and because its second parameter accepts any callable, any statically callable PHP function or method can be called from Twig. A customer cannot provide any Twig code, so an attacker would need access to the Administration to exploit this, using mail templates or App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4, corresponding security measures are also available via a plugin.

CVSS Details

Base Score: 7.2
Exploitability: 1.2
Impact: 5.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability
46.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-1336
CWE-94 Improper Control of Generation of Code (Code Injection)

Affected Products 2

| Vendor | Product | Version | Range |
|---|---|---|---|
| shopware | shopware | * | <6.5.8.13 |
| shopware | shopware | * | ≥6.6.0.0 – <6.6.5.1 |

References 5

  • https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038
    Patch
  • https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f
    Patch
  • https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac
    Patch
  • https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e
    Patch
  • https://github.com/shopware/shopware/security/advisories/GHSA-35jp-8cgg-p4wj
    Vendor Advisory

Remediation

  • https://github.com/shopware/core/commit/04183e0c02af3b404eb7d52c683734bfe0595038
    Patch
  • https://github.com/shopware/core/commit/a784aa1cec0624e36e0ee4d41aeebaed40e0442f
    Patch
  • https://github.com/shopware/shopware/commit/8504ba7e56e53add6a1d5b9d45015e3d899cd0ac
    Patch
  • https://github.com/shopware/shopware/commit/e43423bcc93c618c3036f94c12aa29514da8cf2e
    Patch