Home > Vulnerability Database > WS-2021-0069

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

WS-2021-0069

Date: August 19, 2025

Leak of information via Store-API aggregations in shopware/platform before 6.3.5.3 and shopware/core before 6.3.5.3.

Language: PHP

Severity Score

9.1

Related Resources (4)

Url: https://github.com/sopel-irc/sopel-weather/security/advisories/GHSA-63rq-p8fp-524q

Url: https://github.com/shopware/platform/security/advisories/GHSA-qg7c-q3vq-rgxr

Url: https://github.com/shopware/core/commit/e17ab7d460f73a580cd773492e44b716138534a8

Url: https://www.mend.io/vulnerability-database/WS-2021-0069

Severity Score

9.1

Weakness Type (CWE)

Exposure of Resource to Wrong Sphere

CWE-668

Exposure of Sensitive Information to an Unauthorized Actor

CWE-200

CVSS v3.1

Base Score:	9.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

Do you need more information?

Contact Us