Moderate severityNVD Advisory· Published Jun 27, 2023· Updated Nov 7, 2024
Improper mail validation in Shopware
CVE-2023-34099
Description
Shopware is an open source e-commerce software. The mail validation in the registration process had some flaws, so it was possible to construct different mail addresses, that in the end result in the same address, which is shared by multiple accounts. This issue has been addressed in version 5.7.18 and users are advised to update. There are no known workarounds for this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
shopware/shopwarePackagist | >= 5.1.4, < 5.7.18 | 5.7.18 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-gh66-fp7j-98v5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-34099ghsaADVISORY
- docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023ghsax_refsource_MISCWEB
- github.com/shopware/shopware/security/advisories/GHSA-gh66-fp7j-98v5ghsax_refsource_CONFIRMWEB
- github.com/shopware5/shopware/commit/39cc714d9a0be33b43877044d0b88ea3c6b43f3dghsax_refsource_MISCWEB
- github.com/shopware5/shopware/security/advisories/GHSA-gh66-fp7j-98v5ghsaWEB
- www.shopware.com/en/changelog-sw5/ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.