Improper Control of Generation of Code in Twig-rendered views in Shopware
CVE-2023-22731

10 CRITICAL

Key Information:

Vendor

Shopware

Status
Vendor
CVE Published:
17 January 2023

What is CVE-2023-22731?

The Shopware platform, an open-source commerce solution built on the Symfony Framework and Vue.js, has a serious code execution vulnerability in its Twig environment when the Sandbox extension is disabled. An attacker exploiting this flaw can call any global PHP function through Twig filters such as 'map', 'filter', and 'sort', and thereby execute arbitrary code. To mitigate this risk, users must upgrade to version 6.4.18.1, which restricts the affected filters until the Sandbox extension is fully integrated. Users of Shopware major versions 6.1, 6.2, and 6.3 can also obtain fixes through an available plugin.

Affected Version(s)

platform < 6.4.18.1

EPSS Score

7% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 10
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved