Vulnerabilites related to Sylius - Sylius
CVE-2022-24749 (GCVE-0-2022-24749)
Vulnerability from cvelistv5
Published
2022-03-14 21:45
Modified
2025-04-22 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file itself has to be open in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. As a workaround, require a library that adds on-upload file sanitization and overwrite the service before writing the file to the filesystem. The GitHub Security Advisory contains more specific information about the workaround.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.9.10 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:50.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24749",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:49:14.780831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T18:18:36.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.10"
},
{
"status": "affected",
"version": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"status": "affected",
"version": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file itself has to be open in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. As a workaround, require a library that adds on-upload file sanitization and overwrite the service before writing the file to the filesystem. The GitHub Security Advisory contains more specific information about the workaround."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T21:45:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj"
}
],
"source": {
"advisory": "GHSA-4qrp-27r3-66fj",
"discovery": "UNKNOWN"
},
"title": "Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24749",
"STATE": "PUBLIC",
"TITLE": "Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003c 1.9.10"
},
{
"version_value": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"version_value": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file itself has to be open in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. As a workaround, require a library that adds on-upload file sanitization and overwrite the service before writing the file to the filesystem. The GitHub Security Advisory contains more specific information about the workaround."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-434: Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj"
}
]
},
"source": {
"advisory": "GHSA-4qrp-27r3-66fj",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24749",
"datePublished": "2022-03-14T21:45:13.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-22T18:18:36.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24733 (GCVE-0-2022-24733)
Vulnerability from cvelistv5
Published
2022-03-14 18:50
Modified
2025-04-23 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Summary
Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface with a different interface provided by the attacker. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. Every response from app should have an X-Frame-Options header set to: ``sameorigin``. To achieve that, add a new `subscriber` in the app.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw | x_refsource_CONFIRM | |
| https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.9.10 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:49.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:09:08.211087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:54:19.052Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.10"
},
{
"status": "affected",
"version": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"status": "affected",
"version": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker\u0027s page overlays the target application\u0027s interface with a different interface provided by the attacker. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. Every response from app should have an X-Frame-Options header set to: ``sameorigin``. To achieve that, add a new `subscriber` in the app."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T18:50:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
}
],
"source": {
"advisory": "GHSA-4jp3-q2qm-9fmw",
"discovery": "UNKNOWN"
},
"title": "Improper Restriction of Rendered UI Layers or Frames in Sylius",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24733",
"STATE": "PUBLIC",
"TITLE": "Improper Restriction of Rendered UI Layers or Frames in Sylius"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003c 1.9.10"
},
{
"version_value": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"version_value": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker\u0027s page overlays the target application\u0027s interface with a different interface provided by the attacker. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. Every response from app should have an X-Frame-Options header set to: ``sameorigin``. To achieve that, add a new `subscriber` in the app."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1021: Improper Restriction of Rendered UI Layers or Frames"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
}
]
},
"source": {
"advisory": "GHSA-4jp3-q2qm-9fmw",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24733",
"datePublished": "2022-03-14T18:50:10.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:54:19.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16768 (GCVE-0-2019-16768)
Vulnerability from cvelistv5
Published
2019-12-05 20:00
Modified
2024-08-05 01:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-209 - Information Exposure Through an Error Message
Summary
In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation message with the exception details will be presented to the user when one will try to log into the shop. This has been patched in versions 1.3.14, 1.4.10, 1.5.7, and 1.6.3.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h | x_refsource_CONFIRM | |
| https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:47.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"lessThan": "1.3.14",
"status": "affected",
"version": "\u003c 1.3.14",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \\Symfony\\Component\\Security\\Core\\Exception\\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation message with the exception details will be presented to the user when one will try to log into the shop. This has been patched in versions 1.3.14, 1.4.10, 1.5.7, and 1.6.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209 Information Exposure Through an Error Message",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-06T15:13:56",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f"
}
],
"source": {
"advisory": "GHSA-3r8j-pmch-5j2h",
"discovery": "UNKNOWN"
},
"title": "Internal exception message exposure for login action in Sylius",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16768",
"STATE": "PUBLIC",
"TITLE": "Internal exception message exposure for login action in Sylius"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "\u003c 1.3.14",
"version_value": "1.3.14"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \\Symfony\\Component\\Security\\Core\\Exception\\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation message with the exception details will be presented to the user when one will try to log into the shop. This has been patched in versions 1.3.14, 1.4.10, 1.5.7, and 1.6.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209 Information Exposure Through an Error Message"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h"
},
{
"name": "https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f"
}
]
},
"source": {
"advisory": "GHSA-3r8j-pmch-5j2h",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16768",
"datePublished": "2019-12-05T20:00:21",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:47.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34349 (GCVE-0-2024-34349)
Vulnerability from cvelistv5
Published
2024-05-10 15:29
Modified
2024-08-02 02:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r | x_refsource_CONFIRM | |
| https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-10T18:30:14.256886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:11.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:51:11.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
},
{
"name": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.12.16"
},
{
"status": "affected",
"version": "\u003e= 1.13.0-alpha.1, \u003c 1.13.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The code will be executed while using an autocomplete field with one of the listed entities in the Admin Panel. Also for the taxons in the category tree on the product form.The issue is fixed in versions: 1.12.16, 1.13.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T12:35:38.149Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-v2f9-rv6w-vw8r"
},
{
"name": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/commit/ba4b66da5af88cdb1bba6174de8bdf42f4853e12"
}
],
"source": {
"advisory": "GHSA-v2f9-rv6w-vw8r",
"discovery": "UNKNOWN"
},
"title": "Sylius potentially vulnerable to Cross Site Scripting via \"Name\" field (Taxons, Products, Options, Variants) in Admin Panel"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34349",
"datePublished": "2024-05-10T15:29:39.791Z",
"dateReserved": "2024-05-02T06:36:32.437Z",
"dateUpdated": "2024-08-02T02:51:11.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12186 (GCVE-0-2019-12186)
Vulnerability from cvelistv5
Published
2019-12-31 14:21
Modified
2024-08-04 23:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x through 1.1.18, 1.2.x through 1.2.17, 1.3.x through 1.3.12, 1.4.x through 1.4.4, and 1.5.0 allows an attacker (an admin in the sylius/sylius case) to perform XSS by injecting malicious code into a field displayed in a grid with the "string" field type. The contents are an object, with malicious code returned by the __toString() method of that object.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sylius.com/blog/cve-2019-12186/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sylius.com/blog/cve-2019-12186/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x through 1.1.18, 1.2.x through 1.2.17, 1.3.x through 1.3.12, 1.4.x through 1.4.4, and 1.5.0 allows an attacker (an admin in the sylius/sylius case) to perform XSS by injecting malicious code into a field displayed in a grid with the \"string\" field type. The contents are an object, with malicious code returned by the __toString() method of that object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-31T14:21:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sylius.com/blog/cve-2019-12186/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x through 1.1.18, 1.2.x through 1.2.17, 1.3.x through 1.3.12, 1.4.x through 1.4.4, and 1.5.0 allows an attacker (an admin in the sylius/sylius case) to perform XSS by injecting malicious code into a field displayed in a grid with the \"string\" field type. The contents are an object, with malicious code returned by the __toString() method of that object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sylius.com/blog/cve-2019-12186/",
"refsource": "CONFIRM",
"url": "https://sylius.com/blog/cve-2019-12186/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12186",
"datePublished": "2019-12-31T14:21:39",
"dateReserved": "2019-05-19T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24743 (GCVE-0-2022-24743)
Vulnerability from cvelistv5
Published
2022-03-14 21:00
Modified
2025-04-22 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-613 - Insufficient Session Expiration
Summary
Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\Bundle\ApiBundle\CommandHandler\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:50.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24743",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:49:17.884088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T18:18:50.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.11"
},
{
"status": "affected",
"version": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613: Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T21:00:14.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"
}
],
"source": {
"advisory": "GHSA-mf3v-f2qq-pf9g",
"discovery": "UNKNOWN"
},
"title": "Insufficient Session Expiration in Sylius",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24743",
"STATE": "PUBLIC",
"TITLE": "Insufficient Session Expiration in Sylius"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003c 1.10.11"
},
{
"version_value": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-613: Insufficient Session Expiration"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"
}
]
},
"source": {
"advisory": "GHSA-mf3v-f2qq-pf9g",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24743",
"datePublished": "2022-03-14T21:00:14.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-22T18:18:50.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5218 (GCVE-0-2020-5218)
Vulnerability from cvelistv5
Published
2020-01-27 20:25
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Summary
Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the configuration, the default value which is kernel.debug will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false. Patch has been provided for Sylius 1.3.x and newer - 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/SyliusResourceBundle/security/advisories/GHSA-8vp7-j5cj-vvm2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/sylius/resource-bundle/CVE-2020-5220.yaml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.13"
},
{
"status": "affected",
"version": "\u003e= 1.4.0, \u003c 1.4.6"
},
{
"status": "affected",
"version": "\u003e= 1.5.0, \u003c 1.5.1"
},
{
"status": "affected",
"version": "\u003e= 1.6.0, \u003c 1.6.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the configuration, the default value which is kernel.debug will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false. Patch has been provided for Sylius 1.3.x and newer - 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-27T20:25:13",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/SyliusResourceBundle/security/advisories/GHSA-8vp7-j5cj-vvm2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/sylius/resource-bundle/CVE-2020-5220.yaml"
}
],
"source": {
"advisory": "GHSA-prg5-hg25-8grq",
"discovery": "UNKNOWN"
},
"title": "Ability in Sylius to switch channels via GET parameter enabled in production environments",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-5218",
"STATE": "PUBLIC",
"TITLE": "Ability in Sylius to switch channels via GET parameter enabled in production environments"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003c 1.3.13"
},
{
"version_value": "\u003e= 1.4.0, \u003c 1.4.6"
},
{
"version_value": "\u003e= 1.5.0, \u003c 1.5.1"
},
{
"version_value": "\u003e= 1.6.0, \u003c 1.6.3"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the configuration, the default value which is kernel.debug will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false. Patch has been provided for Sylius 1.3.x and newer - 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/SyliusResourceBundle/security/advisories/GHSA-8vp7-j5cj-vvm2",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/SyliusResourceBundle/security/advisories/GHSA-8vp7-j5cj-vvm2"
},
{
"name": "https://github.com/FriendsOfPHP/security-advisories/blob/master/sylius/resource-bundle/CVE-2020-5220.yaml",
"refsource": "MISC",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/sylius/resource-bundle/CVE-2020-5220.yaml"
}
]
},
"source": {
"advisory": "GHSA-prg5-hg25-8grq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-5218",
"datePublished": "2020-01-27T20:25:13",
"dateReserved": "2020-01-02T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40633 (GCVE-0-2024-40633)
Vulnerability from cvelistv5
Published
2024-07-17 17:51
Modified
2024-08-02 04:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Sylius is an Open Source eCommerce Framework on Symfony. A security vulnerability was discovered in the `/api/v2/shop/adjustments/{id}` endpoint, which retrieves order adjustments based on incremental integer IDs. The vulnerability allows an attacker to enumerate valid adjustment IDs and retrieve order tokens. Using these tokens, an attacker can access guest customer order details - sensitive guest customer information. The issue is fixed in versions: 1.12.19, 1.13.4 and above. The `/api/v2/shop/adjustments/{id}` will always return `404` status. Users are advised to upgrade. Users unable to upgrade may alter their config to mitigate this issue. Please see the linked GHSA for details.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sylius",
"vendor": "sylius",
"versions": [
{
"lessThan": "1.12.19",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.12",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.13.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T19:06:37.163426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T19:17:09.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:33:11.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.12.19"
},
{
"status": "affected",
"version": "\u003e= 1.13.0, \u003c 1.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an Open Source eCommerce Framework on Symfony. A security vulnerability was discovered in the `/api/v2/shop/adjustments/{id}` endpoint, which retrieves order adjustments based on incremental integer IDs. The vulnerability allows an attacker to enumerate valid adjustment IDs and retrieve order tokens. Using these tokens, an attacker can access guest customer order details - sensitive guest customer information. The issue is fixed in versions: 1.12.19, 1.13.4 and above. The `/api/v2/shop/adjustments/{id}` will always return `404` status. Users are advised to upgrade. Users unable to upgrade may alter their config to mitigate this issue. Please see the linked GHSA for details."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T17:51:45.986Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43"
}
],
"source": {
"advisory": "GHSA-55rf-8q29-4g43",
"discovery": "UNKNOWN"
},
"title": "Customer data leak via adjustments API endpoint in Sylius"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-40633",
"datePublished": "2024-07-17T17:51:45.986Z",
"dateReserved": "2024-07-08T16:13:15.511Z",
"dateUpdated": "2024-08-02T04:33:11.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32720 (GCVE-0-2021-32720)
Vulnerability from cvelistv5
Published
2021-06-28 18:45
Modified
2024-08-03 23:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Sylius is an Open Source eCommerce platform on top of Symfony. In versions of Sylius prior to 1.9.5 and 1.10.0-RC.1, part of the details (order ID, order number, items total, and token value) of all placed orders were exposed to unauthorized users. If exploited properly, a few additional information like the number of items in the cart and the date of the shipping may be fetched as well. This data seems to not be crucial nor is personal data, however, could be used for sociotechnical attacks or may expose a few details about shop condition to the third parties. The data possible to aggregate are the number of processed orders or their value in the moment of time. The problem has been patched at Sylius 1.9.5 and 1.10.0-RC.1. There are a few workarounds for the vulnerability. The first possible solution is to hide the problematic endpoints behind the firewall from not logged in users. This would put only the order list under the firewall and allow only authorized users to access it. Once a user is authorized, it will have access to theirs orders only. The second possible solution is to decorate the `\Sylius\Bundle\ApiBundle\Doctrine\QueryCollectionExtension\OrdersByLoggedInUserExtension` and throw `Symfony\Component\Security\Core\Exception\AccessDeniedException` if the class is executed for unauthorized user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v | x_refsource_CONFIRM | |
| https://github.com/Sylius/Sylius/releases/tag/v1.9.5 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:31.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.9.0, \u003c 1.9.5"
},
{
"status": "affected",
"version": "\u003e= 1.10.0-ALPHA.1, \u003c= 1.10.0-BETA.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an Open Source eCommerce platform on top of Symfony. In versions of Sylius prior to 1.9.5 and 1.10.0-RC.1, part of the details (order ID, order number, items total, and token value) of all placed orders were exposed to unauthorized users. If exploited properly, a few additional information like the number of items in the cart and the date of the shipping may be fetched as well. This data seems to not be crucial nor is personal data, however, could be used for sociotechnical attacks or may expose a few details about shop condition to the third parties. The data possible to aggregate are the number of processed orders or their value in the moment of time. The problem has been patched at Sylius 1.9.5 and 1.10.0-RC.1. There are a few workarounds for the vulnerability. The first possible solution is to hide the problematic endpoints behind the firewall from not logged in users. This would put only the order list under the firewall and allow only authorized users to access it. Once a user is authorized, it will have access to theirs orders only. The second possible solution is to decorate the `\\Sylius\\Bundle\\ApiBundle\\Doctrine\\QueryCollectionExtension\\OrdersByLoggedInUserExtension` and throw `Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException` if the class is executed for unauthorized user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T18:45:11",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.5"
}
],
"source": {
"advisory": "GHSA-rpxh-vg2x-526v",
"discovery": "UNKNOWN"
},
"title": "List of order ids, number, items total and token value exposed for unauthorized uses via new API",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32720",
"STATE": "PUBLIC",
"TITLE": "List of order ids, number, items total and token value exposed for unauthorized uses via new API"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003e= 1.9.0, \u003c 1.9.5"
},
{
"version_value": "\u003e= 1.10.0-ALPHA.1, \u003c= 1.10.0-BETA.1"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sylius is an Open Source eCommerce platform on top of Symfony. In versions of Sylius prior to 1.9.5 and 1.10.0-RC.1, part of the details (order ID, order number, items total, and token value) of all placed orders were exposed to unauthorized users. If exploited properly, a few additional information like the number of items in the cart and the date of the shipping may be fetched as well. This data seems to not be crucial nor is personal data, however, could be used for sociotechnical attacks or may expose a few details about shop condition to the third parties. The data possible to aggregate are the number of processed orders or their value in the moment of time. The problem has been patched at Sylius 1.9.5 and 1.10.0-RC.1. There are a few workarounds for the vulnerability. The first possible solution is to hide the problematic endpoints behind the firewall from not logged in users. This would put only the order list under the firewall and allow only authorized users to access it. Once a user is authorized, it will have access to theirs orders only. The second possible solution is to decorate the `\\Sylius\\Bundle\\ApiBundle\\Doctrine\\QueryCollectionExtension\\OrdersByLoggedInUserExtension` and throw `Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException` if the class is executed for unauthorized user."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.9.5",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.5"
}
]
},
"source": {
"advisory": "GHSA-rpxh-vg2x-526v",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32720",
"datePublished": "2021-06-28T18:45:11",
"dateReserved": "2021-05-12T00:00:00",
"dateUpdated": "2024-08-03T23:25:31.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-15245 (GCVE-0-2020-15245)
Vulnerability from cvelistv5
Published
2020-10-19 20:50
Modified
2024-08-04 13:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - {"":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}
Summary
In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This may lead to having accounts addressed to totally different emails, that were verified. Note, that this way one is not able to take over any existing account (guest or normal one). The issue has been patched in Sylius 1.6.9, 1.7.9 and 1.8.3. As a workaround, you may resolve this issue on your own by creating a custom event listener, which will listen to the sylius.customer.pre_update event. You can determine that email has been changed if customer email and user username are different. They are synchronized later on. Pay attention, to email changing behavior for administrators. You may need to skip this logic for them. In order to achieve this, you should either check master request path info, if it does not contain /admin prefix or adjust event triggered during customer update in the shop. You can find more information on how to customize the event here.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499 | x_refsource_CONFIRM | |
| https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:08:23.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This may lead to having accounts addressed to totally different emails, that were verified. Note, that this way one is not able to take over any existing account (guest or normal one). The issue has been patched in Sylius 1.6.9, 1.7.9 and 1.8.3. As a workaround, you may resolve this issue on your own by creating a custom event listener, which will listen to the sylius.customer.pre_update event. You can determine that email has been changed if customer email and user username are different. They are synchronized later on. Pay attention, to email changing behavior for administrators. You may need to skip this logic for them. In order to achieve this, you should either check master request path info, if it does not contain /admin prefix or adjust event triggered during customer update in the shop. You can find more information on how to customize the event here."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "{\"CWE-79\":\"Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T20:50:16",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf"
}
],
"source": {
"advisory": "GHSA-6gw4-x63h-5499",
"discovery": "UNKNOWN"
},
"title": "Email verification bypass in Sylius",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-15245",
"STATE": "PUBLIC",
"TITLE": "Email verification bypass in Sylius"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003e= 9.0.0, \u003c 9.4.4"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This may lead to having accounts addressed to totally different emails, that were verified. Note, that this way one is not able to take over any existing account (guest or normal one). The issue has been patched in Sylius 1.6.9, 1.7.9 and 1.8.3. As a workaround, you may resolve this issue on your own by creating a custom event listener, which will listen to the sylius.customer.pre_update event. You can determine that email has been changed if customer email and user username are different. They are synchronized later on. Pay attention, to email changing behavior for administrators. You may need to skip this logic for them. In order to achieve this, you should either check master request path info, if it does not contain /admin prefix or adjust event triggered during customer update in the shop. You can find more information on how to customize the event here."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "{\"CWE-79\":\"Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499"
},
{
"name": "https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf"
}
]
},
"source": {
"advisory": "GHSA-6gw4-x63h-5499",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-15245",
"datePublished": "2020-10-19T20:50:16",
"dateReserved": "2020-06-25T00:00:00",
"dateUpdated": "2024-08-04T13:08:23.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24742 (GCVE-0-2022-24742)
Vulnerability from cvelistv5
Published
2022-03-14 19:20
Modified
2025-04-23 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/releases/tag/v1.9.10 | x_refsource_MISC | |
| https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:50.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24742",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:09:05.327792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:54:10.363Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sylius",
"vendor": "Sylius",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.10"
},
{
"status": "affected",
"version": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"status": "affected",
"version": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-14T19:20:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p"
}
],
"source": {
"advisory": "GHSA-7563-75j9-6h5p",
"discovery": "UNKNOWN"
},
"title": "Exposure of Sensitive Information Due to Incompatible Policies in Sylius",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24742",
"STATE": "PUBLIC",
"TITLE": "Exposure of Sensitive Information Due to Incompatible Policies in Sylius"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sylius",
"version": {
"version_data": [
{
"version_value": "\u003c 1.9.10"
},
{
"version_value": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"version_value": "\u003e= 1.11.0, \u003c 1.11.2"
}
]
}
}
]
},
"vendor_name": "Sylius"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"name": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10",
"refsource": "MISC",
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"name": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p",
"refsource": "CONFIRM",
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p"
}
]
},
"source": {
"advisory": "GHSA-7563-75j9-6h5p",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24742",
"datePublished": "2022-03-14T19:20:10.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:54:10.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-57610 (GCVE-0-2024-57610)
Vulnerability from cvelistv5
Published
2025-02-06 00:00
Modified
2025-02-07 15:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users. The Supplier's position is that the Sylius core software is not intended to address brute-force attacks; instead, customers deploying a Sylius-based system are supposed to use "firewalls, rate-limiting middleware, or authentication providers" for that functionality.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-57610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:57:40.484090Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:59:30.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users. The Supplier\u0027s position is that the Sylius core software is not intended to address brute-force attacks; instead, customers deploying a Sylius-based system are supposed to use \"firewalls, rate-limiting middleware, or authentication providers\" for that functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:01:53.222Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Sylius/Sylius"
},
{
"url": "https://sylius.com/"
},
{
"url": "https://github.com/nca785/CVE-2024-57610"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-57610",
"datePublished": "2025-02-06T00:00:00.000Z",
"dateReserved": "2025-01-09T00:00:00.000Z",
"dateUpdated": "2025-02-07T15:59:30.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3841 (GCVE-0-2021-3841)
Vulnerability from cvelistv5
Published
2024-11-15 10:52
Modified
2024-11-20 22:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user's browser.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| sylius | sylius/sylius |
Version: unspecified < 1.9.10, 1.10.11, 1.11.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-3841",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T22:35:41.459041Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T22:36:05.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "sylius/sylius",
"vendor": "sylius",
"versions": [
{
"lessThan": "1.9.10, 1.10.11, 1.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user\u0027s browser."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T10:57:25.962Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/1625506791178-Sylius/Sylius"
},
{
"url": "https://github.com/sylius/sylius/commit/3da169e0c23e752974d74223cc536c29a2a82edc"
}
],
"source": {
"advisory": "1625506791178-Sylius/Sylius",
"discovery": "EXTERNAL"
},
"title": "Stored Cross-site Scripting (XSS) in sylius/sylius"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2021-3841",
"datePublished": "2024-11-15T10:52:01.371Z",
"dateReserved": "2021-09-30T10:17:10.364Z",
"dateUpdated": "2024-11-20T22:36:05.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29376 (GCVE-0-2024-29376)
Vulnerability from cvelistv5
Published
2024-04-22 00:00
Modified
2024-11-22 14:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the "Province" field in Address Book.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:sylius:sylius:1.12.13:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sylius",
"vendor": "sylius",
"versions": [
{
"status": "affected",
"version": "1.12.13"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29376",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-22T23:48:15.908012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T14:28:29.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:10:54.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/r2tunes/Reports/blob/main/Sylius.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the \"Province\" field in Address Book."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-22T18:43:52.779188",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/r2tunes/Reports/blob/main/Sylius.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-29376",
"datePublished": "2024-04-22T00:00:00",
"dateReserved": "2024-03-19T00:00:00",
"dateUpdated": "2024-11-22T14:28:29.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-03-14 22:15
Modified
2024-11-21 06:51
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file itself has to be open in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. As a workaround, require a library that adds on-upload file sanitization and overwrite the service before writing the file to the filesystem. The GitHub Security Advisory contains more specific information about the workaround.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/releases/tag/v1.9.10 | Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/releases/tag/v1.9.10 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B404E6-8985-428A-A7C4-880A4947766B",
"versionEndExcluding": "1.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687E9BB6-A926-4A62-B44E-7A1B236D6C6F",
"versionEndExcluding": "1.10.11",
"versionStartIncluding": "1.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D032BB-B314-42A5-808D-5861B909F76F",
"versionEndExcluding": "1.11.2",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file itself has to be open in a new card or loaded outside of the IMG tag. The problem applies both to the files opened on the admin panel and shop pages. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. As a workaround, require a library that adds on-upload file sanitization and overwrite the service before writing the file to the filesystem. The GitHub Security Advisory contains more specific information about the workaround."
},
{
"lang": "es",
"value": "Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. En versiones anteriores a 1.9.10, 1.10.11 y 1.11.2, es posible cargar un archivo SVG que contenga c\u00f3digo de tipo cross-site scripting (XSS) en el panel de administraci\u00f3n. Para llevar a cabo un ataque de tipo XSS, el propio archivo tiene que abrirse en una nueva tarjeta o cargarse fuera de la etiqueta IMG. El problema es aplicado tanto a los archivos abiertos en el panel de administraci\u00f3n como a las p\u00e1ginas de la tienda. El problema est\u00e1 corregido en versiones 1.9.10, 1.10.11 y 1.11.2. Como medida de mitigaci\u00f3n, requiera una biblioteca que a\u00f1ada saneo de archivos al cargar y sobrescriba el servicio antes de escribir el archivo en el sistema de archivos. El aviso de seguridad de GitHub contiene informaci\u00f3n m\u00e1s espec\u00edfica sobre la mitigaci\u00f3n"
}
],
"id": "CVE-2022-24749",
"lastModified": "2024-11-21T06:51:00.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-14T22:15:07.610",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-80"
},
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-14 19:15
Modified
2024-11-21 06:50
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker's page overlays the target application's interface with a different interface provided by the attacker. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. Every response from app should have an X-Frame-Options header set to: ``sameorigin``. To achieve that, add a new `subscriber` in the app.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B404E6-8985-428A-A7C4-880A4947766B",
"versionEndExcluding": "1.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687E9BB6-A926-4A62-B44E-7A1B236D6C6F",
"versionEndExcluding": "1.10.11",
"versionStartIncluding": "1.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D032BB-B314-42A5-808D-5861B909F76F",
"versionEndExcluding": "1.11.2",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, it is possible for a page controlled by an attacker to load the website within an iframe. This will enable a clickjacking attack, in which the attacker\u0027s page overlays the target application\u0027s interface with a different interface provided by the attacker. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. Every response from app should have an X-Frame-Options header set to: ``sameorigin``. To achieve that, add a new `subscriber` in the app."
},
{
"lang": "es",
"value": "Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. En versiones anteriores a 1.9.10, 1.10.11 y 1.11.2, es posible que una p\u00e1gina controlada por un atacante cargue el sitio web dentro de un iframe. Esto permitir\u00eda un ataque de clickjacking, en el que la p\u00e1gina del atacante superpone la interfaz de la aplicaci\u00f3n objetivo con una interfaz diferente proporcionada por el atacante. El problema ha sido corregido en versiones 1.9.10, 1.10.11 y 1.11.2. Se presenta una medida de mitigaci\u00f3n disponible. Cada respuesta de la aplicaci\u00f3n debe tener un encabezado X-Frame-Options configurada como \"sameorigin\". Para conseguirlo, a\u00f1ada un nuevo \"subscriber\" en la aplicaci\u00f3n"
}
],
"id": "CVE-2022-24733",
"lastModified": "2024-11-21T06:50:58.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-14T19:15:12.173",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-4jp3-q2qm-9fmw"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-28 19:15
Modified
2024-11-21 06:07
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Sylius is an Open Source eCommerce platform on top of Symfony. In versions of Sylius prior to 1.9.5 and 1.10.0-RC.1, part of the details (order ID, order number, items total, and token value) of all placed orders were exposed to unauthorized users. If exploited properly, a few additional information like the number of items in the cart and the date of the shipping may be fetched as well. This data seems to not be crucial nor is personal data, however, could be used for sociotechnical attacks or may expose a few details about shop condition to the third parties. The data possible to aggregate are the number of processed orders or their value in the moment of time. The problem has been patched at Sylius 1.9.5 and 1.10.0-RC.1. There are a few workarounds for the vulnerability. The first possible solution is to hide the problematic endpoints behind the firewall from not logged in users. This would put only the order list under the firewall and allow only authorized users to access it. Once a user is authorized, it will have access to theirs orders only. The second possible solution is to decorate the `\Sylius\Bundle\ApiBundle\Doctrine\QueryCollectionExtension\OrdersByLoggedInUserExtension` and throw `Symfony\Component\Security\Core\Exception\AccessDeniedException` if the class is executed for unauthorized user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/Sylius/Sylius/releases/tag/v1.9.5 | Release Notes, Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/releases/tag/v1.9.5 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v | Mitigation, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4E23B-2717-4743-89D6-4229457048E2",
"versionEndExcluding": "1.9.5",
"versionStartIncluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an Open Source eCommerce platform on top of Symfony. In versions of Sylius prior to 1.9.5 and 1.10.0-RC.1, part of the details (order ID, order number, items total, and token value) of all placed orders were exposed to unauthorized users. If exploited properly, a few additional information like the number of items in the cart and the date of the shipping may be fetched as well. This data seems to not be crucial nor is personal data, however, could be used for sociotechnical attacks or may expose a few details about shop condition to the third parties. The data possible to aggregate are the number of processed orders or their value in the moment of time. The problem has been patched at Sylius 1.9.5 and 1.10.0-RC.1. There are a few workarounds for the vulnerability. The first possible solution is to hide the problematic endpoints behind the firewall from not logged in users. This would put only the order list under the firewall and allow only authorized users to access it. Once a user is authorized, it will have access to theirs orders only. The second possible solution is to decorate the `\\Sylius\\Bundle\\ApiBundle\\Doctrine\\QueryCollectionExtension\\OrdersByLoggedInUserExtension` and throw `Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException` if the class is executed for unauthorized user."
},
{
"lang": "es",
"value": "Sylius es una plataforma Open Source eCommerce sobre Symfony. En las versiones de Sylius anteriores a 1.9.5 y 1.10.0-RC.1, parte de los detalles (ID del pedido, n\u00famero de pedido, total de art\u00edculos y valor del token) de todos los pedidos colocados estaban expuestos a usuarios no autorizados. Si es explotado apropiadamente, tambi\u00e9n se pueden obtener algunos datos adicionales como el n\u00famero de art\u00edculos en el carrito y la fecha de env\u00edo. Estos datos no parecen ser cruciales ni son datos personales, sin embargo, podr\u00edan ser usados para ataques sociot\u00e9cnicos o pueden exponer algunos detalles sobre el estado de la tienda a terceros. Los posibles datos que se pueden agregar son el n\u00famero de pedidos procesados o su valor en el momento. El problema ha sido parcheado en Sylius versiones 1.9.5 y 1.10.0-RC.1. Se presentan algunas soluciones para la vulnerabilidad. La primera soluci\u00f3n posible es ocultar los endpoints problem\u00e1ticos detr\u00e1s del firewall de los usuarios no conectados. Esto pondr\u00eda s\u00f3lo la lista de pedidos bajo el firewall y permitir\u00eda que s\u00f3lo los usuarios autorizados accedieran a ella. Una vez que un usuario est\u00e1 autorizado, s\u00f3lo tendr\u00e1 acceso a sus pedidos. La segunda soluci\u00f3n posible es decorar el \"Sylius\\Bundle\\ApiBundle\\Doctrine\\QueryCollectionExtension\\OrdersByLoggedInUserExtension\" y lanzar \"Symfony\\Component\\Security\\Core\\Exception\\AccessDeniedException\" si la clase es ejecutada por un usuario no autorizado"
}
],
"id": "CVE-2021-32720",
"lastModified": "2024-11-21T06:07:35.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-28T19:15:11.397",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.5"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-rpxh-vg2x-526v"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-14 20:15
Modified
2024-11-21 06:50
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B404E6-8985-428A-A7C4-880A4947766B",
"versionEndExcluding": "1.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687E9BB6-A926-4A62-B44E-7A1B236D6C6F",
"versionEndExcluding": "1.10.11",
"versionStartIncluding": "1.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D032BB-B314-42A5-808D-5861B909F76F",
"versionEndExcluding": "1.11.2",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.9.10, 1.10.11, and 1.11.2, any other user can view the data if browser tab remains unclosed after log out. The issue is fixed in versions 1.9.10, 1.10.11, and 1.11.2. A workaround is available. The application must strictly redirect to login page even browser back button is pressed. Another possibility is to set more strict cache policies for restricted content."
},
{
"lang": "es",
"value": "Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. En versiones anteriores a 1.9.10, 1.10.11 y 1.11.2, cualquier otro usuario pod\u00eda visualizar los datos si la pesta\u00f1a del navegador permanec\u00eda sin cerrar despu\u00e9s de cerrar la sesi\u00f3n. El problema ha sido solucionado en versiones 1.9.10, 1.10.11 y 1.11.2. Se presenta una medida de mitigaci\u00f3n disponible. La aplicaci\u00f3n debe redirigir estrictamente a la p\u00e1gina de inicio de sesi\u00f3n incluso si es pulsado el bot\u00f3n de retroceso del navegador. Otra posibilidad es establecer pol\u00edticas de cach\u00e9 m\u00e1s estrictas para el contenido restringido"
}
],
"id": "CVE-2022-24742",
"lastModified": "2024-11-21T06:50:59.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-14T20:15:08.683",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.9.10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-7563-75j9-6h5p"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-05 20:15
Modified
2024-11-21 04:31
Severity ?
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation message with the exception details will be presented to the user when one will try to log into the shop. This has been patched in versions 1.3.14, 1.4.10, 1.5.7, and 1.6.3.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775912B0-A604-4155-AADD-870B1E3F9519",
"versionEndExcluding": "1.3.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5C9FB3-982A-463A-B9D6-E51CC6299DAF",
"versionEndExcluding": "1.4.10",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76962E39-CE3E-4406-84D3-904127B845B2",
"versionEndExcluding": "1.5.7",
"versionStartIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6433D719-0A14-42DA-8F34-4EAEAE6AB71B",
"versionEndExcluding": "1.6.3",
"versionStartIncluding": "1.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Sylius, exception messages from internal exceptions (like database exception) are wrapped by \\Symfony\\Component\\Security\\Core\\Exception\\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation message with the exception details will be presented to the user when one will try to log into the shop. This has been patched in versions 1.3.14, 1.4.10, 1.5.7, and 1.6.3."
},
{
"lang": "es",
"value": "Unos mensajes de excepci\u00f3n de las excepciones internas (como la excepci\u00f3n de la base de datos) est\u00e1n empaquetados por \\Symfony\\Component\\Security\\Core\\Exception\\AuthenticationServiceException y se propagan por medio del sistema a la Interfaz de Usuario. Por lo tanto, algo de la informaci\u00f3n interna del sistema puede filtrarse y ser visible para el cliente. Un mensaje de comprobaci\u00f3n con los detalles de la excepci\u00f3n ser\u00e1 presentado al usuario cuando uno intentase iniciar sesi\u00f3n en la tienda."
}
],
"id": "CVE-2019-16768",
"lastModified": "2024-11-21T04:31:09.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-05T20:15:09.997",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/Sylius/Sylius/commit/be245302dfc594d8690fe50dd47631d186aa945f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-3r8j-pmch-5j2h"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-27 21:15
Modified
2024-11-21 05:33
Severity ?
4.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the configuration, the default value which is kernel.debug will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false. Patch has been provided for Sylius 1.3.x and newer - 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "399C586A-2C6D-4841-98C4-AF73C86761E5",
"versionEndExcluding": "1.3.13",
"versionStartIncluding": "1.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DA8841-88D7-4832-9271-C3E96AAE4656",
"versionEndExcluding": "1.4.6",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6433D719-0A14-42DA-8F34-4EAEAE6AB71B",
"versionEndExcluding": "1.6.3",
"versionStartIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AD4BD5EC-CC2E-4F7F-AC4E-908D1354B7A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the configuration, the default value which is kernel.debug will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false. Patch has been provided for Sylius 1.3.x and newer - 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore."
},
{
"lang": "es",
"value": "Las versiones afectadas de Sylius otorgan a atacantes la capacidad de cambiar canales por medio del par\u00e1metro GET de _channel_code en entornos de producci\u00f3n. Esto estaba destinado a ser habilitado solo cuando kernel.debug es seteado en verdadero. Sin embargo, si no se establece expl\u00edcitamente sylius_channel.debug en la configuraci\u00f3n, el valor predeterminado que es kernel.debug no se resolver\u00e1 y se convertir\u00e1 en booleano, habilitando esta funcionalidad de depuraci\u00f3n incluso si ese par\u00e1metro se establece en falso. El path se ha proporcionado para Sylius versiones 1.3.x y posteriores; versiones 1.3.16, 1.4.12, 1.5.9, 1.6.5. Las versiones anteriores a la 1.3 ya no est\u00e1n cubiertas por nuestro soporte de seguridad."
}
],
"id": "CVE-2020-5218",
"lastModified": "2024-11-21T05:33:42.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-27T21:15:11.307",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/sylius/resource-bundle/CVE-2020-5220.yaml"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/SyliusResourceBundle/security/advisories/GHSA-8vp7-j5cj-vvm2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/sylius/resource-bundle/CVE-2020-5220.yaml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/SyliusResourceBundle/security/advisories/GHSA-8vp7-j5cj-vvm2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-444"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-444"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-15 11:15
Modified
2024-11-19 17:11
Severity ?
Summary
sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user's browser.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B404E6-8985-428A-A7C4-880A4947766B",
"versionEndExcluding": "1.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687E9BB6-A926-4A62-B44E-7A1B236D6C6F",
"versionEndExcluding": "1.10.11",
"versionStartIncluding": "1.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D032BB-B314-42A5-808D-5861B909F76F",
"versionEndExcluding": "1.11.2",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user\u0027s browser."
},
{
"lang": "es",
"value": "Las versiones de sylius/sylius anteriores a 1.9.10, 1.10.11 y 1.11.2 son vulnerables a cross-site scripting (XSS) almacenado a trav\u00e9s de archivos SVG. Esta vulnerabilidad permite a los atacantes inyectar secuencias de comandos maliciosas que pueden ejecutarse en el contexto del navegador del usuario."
}
],
"id": "CVE-2021-3841",
"lastModified": "2024-11-19T17:11:49.017",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4,
"source": "security@huntr.dev",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-15T11:15:05.980",
"references": [
{
"source": "security@huntr.dev",
"tags": [
"Patch"
],
"url": "https://github.com/sylius/sylius/commit/3da169e0c23e752974d74223cc536c29a2a82edc"
},
{
"source": "security@huntr.dev",
"tags": [
"Broken Link"
],
"url": "https://huntr.com/bounties/1625506791178-Sylius/Sylius"
}
],
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@huntr.dev",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-14 21:15
Modified
2024-11-21 06:50
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Summary
Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\Bundle\ApiBundle\CommandHandler\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/releases/tag/v1.10.11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/releases/tag/v1.11.2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "687E9BB6-A926-4A62-B44E-7A1B236D6C6F",
"versionEndExcluding": "1.10.11",
"versionStartIncluding": "1.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D032BB-B314-42A5-808D-5861B909F76F",
"versionEndExcluding": "1.11.2",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue is fixed in versions 1.10.11 and 1.11.2. As a workaround, overwrite the `Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler` class with code provided by the maintainers and register it in a container. More information about this workaround is available in the GitHub Security Advisory."
},
{
"lang": "es",
"value": "Sylius es una plataforma de comercio electr\u00f3nico de c\u00f3digo abierto. En versiones anteriores a 1.10.11 y 1.11.2, el token de restablecimiento de contrase\u00f1a no se establec\u00eda como nulo despu\u00e9s de cambiar la contrase\u00f1a. El mismo token pod\u00eda ser usado varias veces, lo que pod\u00eda resultar en un filtrado del token existente y a un cambio de contrase\u00f1a no autorizado. El problema ha sido corregido en versiones 1.10.11 y 1.11.2. Como medida de mitigaci\u00f3n, sobrescriba la clase \"Sylius\\Bundle\\ApiBundle\\CommandHandler\\ResetPasswordHandler\" con el c\u00f3digo proporcionado por los mantenedores y reg\u00edstrela en un contenedor. M\u00e1s informaci\u00f3n sobre esta medida de mitigaci\u00f3n est\u00e1 disponible en el aviso de seguridad de GitHub"
}
],
"id": "CVE-2022-24743",
"lastModified": "2024-11-21T06:50:59.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-14T21:15:07.947",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.10.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/releases/tag/v1.11.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-mf3v-f2qq-pf9g"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-19 21:15
Modified
2024-11-21 05:05
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This may lead to having accounts addressed to totally different emails, that were verified. Note, that this way one is not able to take over any existing account (guest or normal one). The issue has been patched in Sylius 1.6.9, 1.7.9 and 1.8.3. As a workaround, you may resolve this issue on your own by creating a custom event listener, which will listen to the sylius.customer.pre_update event. You can determine that email has been changed if customer email and user username are different. They are synchronized later on. Pay attention, to email changing behavior for administrators. You may need to skip this logic for them. In order to achieve this, you should either check master request path info, if it does not contain /admin prefix or adjust event triggered during customer update in the shop. You can find more information on how to customize the event here.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499 | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499 | Mitigation, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E8B8E9-D805-4E1A-8AB4-B06B322668DA",
"versionEndExcluding": "1.6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4F2B73-6B56-4226-9F97-F5B3C2F14B4F",
"versionEndExcluding": "1.7.9",
"versionStartIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B995A95C-06CD-46C4-90C4-FF42915BAFAF",
"versionEndExcluding": "1.8.3",
"versionStartIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email mail@example.com, verify it, change it to the mail another@domain.com and stay verified and enabled. This may lead to having accounts addressed to totally different emails, that were verified. Note, that this way one is not able to take over any existing account (guest or normal one). The issue has been patched in Sylius 1.6.9, 1.7.9 and 1.8.3. As a workaround, you may resolve this issue on your own by creating a custom event listener, which will listen to the sylius.customer.pre_update event. You can determine that email has been changed if customer email and user username are different. They are synchronized later on. Pay attention, to email changing behavior for administrators. You may need to skip this logic for them. In order to achieve this, you should either check master request path info, if it does not contain /admin prefix or adjust event triggered during customer update in the shop. You can find more information on how to customize the event here."
},
{
"lang": "es",
"value": "En Sylius versiones anteriores a 1.6.9, 1.7.9 y 1.8.3, el usuario puede registrarse en una tienda mediante el correo electr\u00f3nico mail@example.com, verificarlo, cambiarlo al correo another@domain.com y permanecer verificado y habilitado.\u0026#xa0;Esto puede conllevar a tener cuentas dirigidas a correos electr\u00f3nicos totalmente diferentes, que fueron verificados.\u0026#xa0;Tome en cuenta que de esta manera uno no es capaz de tomar el control de ninguna cuenta existente (de invitado o normal).\u0026#xa0;El problema ha sido parcheado en Sylius versiones 1.6.9, 1.7.9 y 1.8.3.\u0026#xa0;Como soluci\u00f3n alternativa, puede resolver este problema por su cuenta mediante la creaci\u00f3n de un detector de eventos personalizado, que escuchar\u00e1 el evento sylius.customer.pre_update.\u0026#xa0;Puede determinar que el correo electr\u00f3nico ha sido cambiado si el correo electr\u00f3nico del cliente y el nombre de usuario son diferentes.\u0026#xa0;Estos se sincronizan m\u00e1s tarde.\u0026#xa0;Preste atenci\u00f3n al comportamiento cambiante del correo electr\u00f3nico para los administradores.\u0026#xa0;Puede necesitar omitir esta l\u00f3gica para ellos.\u0026#xa0;En funci\u00f3n de lograr esto,\u0026#xa0;debe comprobar la informaci\u00f3n de la ruta de petici\u00f3n maestra, si no contiene el prefijo /admin o ajustar el evento activado durante la actualizaci\u00f3n del cliente en la tienda.\u0026#xa0;Puede encontrar m\u00e1s informaci\u00f3n sobre c\u00f3mo personalizar el evento aqu\u00ed"
}
],
"id": "CVE-2020-15245",
"lastModified": "2024-11-21T05:05:10.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-19T21:15:12.810",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/commit/60636d711a4011e8694d10d201b53632c7e8ecaf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-6gw4-x63h-5499"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-04-22 19:15
Modified
2025-09-15 15:50
Severity ?
Summary
Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the "Province" field in Address Book.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/r2tunes/Reports/blob/main/Sylius.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/r2tunes/Reports/blob/main/Sylius.md | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:1.12.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3107549E-A532-4A0A-AF4F-0FCA8254A684",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the \"Province\" field in Address Book."
},
{
"lang": "es",
"value": "Sylius 1.12.13 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s del campo \"Provincia\" en la Libreta de direcciones."
}
],
"id": "CVE-2024-29376",
"lastModified": "2025-09-15T15:50:07.947",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-04-22T19:15:46.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/r2tunes/Reports/blob/main/Sylius.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/r2tunes/Reports/blob/main/Sylius.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-06 18:15
Modified
2025-09-19 19:07
Severity ?
Summary
A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users. The Supplier's position is that the Sylius core software is not intended to address brute-force attacks; instead, customers deploying a Sylius-based system are supposed to use "firewalls, rate-limiting middleware, or authentication providers" for that functionality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/Sylius/Sylius | Product | |
| cve@mitre.org | https://github.com/nca785/CVE-2024-57610 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://sylius.com/ | Product |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:sylius:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B01DD7BD-B52D-4EC8-82CE-E42FD054FA68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users. The Supplier\u0027s position is that the Sylius core software is not intended to address brute-force attacks; instead, customers deploying a Sylius-based system are supposed to use \"firewalls, rate-limiting middleware, or authentication providers\" for that functionality."
},
{
"lang": "es",
"value": "Un problema de limitaci\u00f3n de velocidad en Sylius v2.0.2 permite a un atacante remoto realizar ataques de fuerza bruta sin restricciones en cuentas de usuario, lo que aumenta significativamente el riesgo de comprometer la cuenta y denegar el servicio para usuarios leg\u00edtimos."
}
],
"id": "CVE-2024-57610",
"lastModified": "2025-09-19T19:07:05.667",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-02-06T18:15:32.133",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/Sylius/Sylius"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/nca785/CVE-2024-57610"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://sylius.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-31 15:15
Modified
2024-11-21 04:22
Severity ?
Summary
An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x through 1.1.18, 1.2.x through 1.2.17, 1.3.x through 1.3.12, 1.4.x through 1.4.4, and 1.5.0 allows an attacker (an admin in the sylius/sylius case) to perform XSS by injecting malicious code into a field displayed in a grid with the "string" field type. The contents are an object, with malicious code returned by the __toString() method of that object.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sylius.com/blog/cve-2019-12186/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sylius.com/blog/cve-2019-12186/ | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylius:grid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC911003-6FB4-4013-878E-2696E5FBDB45",
"versionEndIncluding": "1.0.18",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:grid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E46AF7C5-BFCD-4533-8F88-889E7D232178",
"versionEndIncluding": "1.1.18",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:grid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17C678EC-4743-4502-9D43-058723BEB637",
"versionEndIncluding": "1.2.17",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:grid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54FE2F5A-AF55-4A65-9E0F-15B376C58082",
"versionEndIncluding": "1.3.12",
"versionStartIncluding": "1.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:grid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB208C61-D7DB-4A34-BB81-7F03361F5C70",
"versionEndIncluding": "1.4.4",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:grid:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8B826636-EE5E-43D0-B232-4F927FC3DDD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA67723-4EFB-4EE2-A3BE-4260C94EA2DE",
"versionEndIncluding": "1.0.18",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8687DE9-3CE1-4D96-B9FC-0EDAD2E40364",
"versionEndIncluding": "1.1.17",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8009B7D8-1286-456D-861D-CB5D10E72923",
"versionEndIncluding": "1.2.16",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "900547C2-8641-4430-ACEA-CDEF046D69D4",
"versionEndIncluding": "1.3.11",
"versionStartIncluding": "1.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylius:sylius:*:*:*:*:*:*:*:*",
"matchCriteriaId": "188939AC-CC0A-496C-BCD4-25934D8BAADE",
"versionEndIncluding": "1.4.3",
"versionStartIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Sylius products. Missing input sanitization in sylius/sylius 1.0.x through 1.0.18, 1.1.x through 1.1.17, 1.2.x through 1.2.16, 1.3.x through 1.3.11, and 1.4.x through 1.4.3 and sylius/grid 1.0.x through 1.0.18, 1.1.x through 1.1.18, 1.2.x through 1.2.17, 1.3.x through 1.3.12, 1.4.x through 1.4.4, and 1.5.0 allows an attacker (an admin in the sylius/sylius case) to perform XSS by injecting malicious code into a field displayed in a grid with the \"string\" field type. The contents are an object, with malicious code returned by the __toString() method of that object."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en los productos Sylius. Una perdida de saneamiento de la entrada en sylius/sylius versiones 1.0.x hasta 1.0.18, 1.1.x hasta 1.1.17, 1.2.x hasta 1.2.16, 1.3.x hasta 1.3.11 y 1.4.x hasta 1.4.3 y sylius/grid versiones 1.0.x hasta 1.0.18, versiones 1.1.x hasta 1.1.18, versiones 1.2.x hasta 1.2.17, versiones 1.3.x hasta 1.3.12, versiones 1.4.x hasta 1.4.4 y versi\u00f3n 1.5.0, permite a un atacante (un administrador en el caso de sylius/sylius) llevar a cabo un ataque de tipo XSS mediante una inyecci\u00f3n de c\u00f3digo malicioso en un campo que se muestra en una cuadr\u00edcula con el tipo de campo \"string\". El contenido es un objeto, con c\u00f3digo malicioso devuelto por el m\u00e9todo __toString() de ese objeto."
}
],
"id": "CVE-2019-12186",
"lastModified": "2024-11-21T04:22:23.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-31T15:15:10.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://sylius.com/blog/cve-2019-12186/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sylius.com/blog/cve-2019-12186/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}