Home > Vulnerability Database > CVE-2023-22731

Mend.io Vulnerability Database

CVE-2023-22731

Date: January 17, 2023

Shopware is an open source commerce platform based on Symfony Framework and Vue js. In a Twig environment without the Sandbox extension, it is possible to refer to PHP functions in twig filters like "map", "filter", "sort". This allows a template to call any global PHP function and thus execute arbitrary code. The attacker must have access to a Twig environment in order to exploit this vulnerability. This problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. Users are advised to upgrade. Users of major versions 6.1, 6.2, and 6.3 may also receive this fix via a plugin.

Language: PHP

Severity Score

9.9

Related Resources (6)

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-22731

Url: https://github.com/shopware/platform/security/advisories/GHSA-93cw-f5jj-x85w

Url: https://github.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1

Url: https://github.com/shopware/platform

Url: https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates

Url: https://www.mend.io/vulnerability-database/CVE-2023-22731

Severity Score

9.9

Weakness Type (CWE)

Improper Control of Generation of Code ('Code Injection')

CWE-94

CVSS v3.1

Base Score:	9.9
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-22731

Date: January 17, 2023

Language: PHP

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?