CVE-2021-32713 – Alert Detail – Security Database

ByPR 24

Executive Summary

Informations
Name CVE-2021-32713 First vendor Publication 2021-06-24
Vendor Cve Last vendor Modification 2021-06-25

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Shopware is an open source eCommerce platform. Versions prior to 5.6.10 suffer from an authenticated stored XSS in administration vulnerability. Users are recommend to update to the version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32713

Sources (Detail)

Alert History

If you want to see full details history, please login or register.

0

1

Date Informations
2021-06-25 09:22:47
2021-06-25 00:22:48

Similar Posts

Illinois Man Convicted of Running DDoS Facilitation Websites

Illinois Man Convicted of Running DDoS Facilitation Websites

ByPR 24

Cybercrime , Cybercrime as-a-service , DDoS Protection Matthew Gatrel Offered Subscription-Based Computer Attack Platforms Prajeet Nair (@prajeetspeaks) • September 19, 2021     An Illinois man has been found guilty of running subscription-based distributed denial of service attacks that flood targeted computers with information and prevent them from being able to access the internet, reports…

At NATO, Biden says defence of Europe a ‘sacred obligation’

At NATO, Biden says defence of Europe a ‘sacred obligation’

ByPR 24

BRUSSELS: US President Joe Biden told fellow NATO leaders on Monday (Jun 14) the defence of Europe, Turkey and Canada was a “sacred obligation” for the United States, a marked shift from his predecessor Donald Trump’s threats to withdraw from the military alliance. Arriving in Brussels from the weekend’s G7 summit in England, Biden again sought to…

Intuit notifies customers of compromised TurboTax accounts

Intuit notifies customers of compromised TurboTax accounts

ByPR 24

Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. In a breach notification letter sent to affected customers earlier this month, the company said that this was not a “systemic data breach of Intuit.”…

Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster • The Register

Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster • The Register

ByPR 24

A reverse engineer has discovered what is claimed to be “the first known malware targeting Windows containers to compromise cloud environments,” a sentence to put any system administrator on edge. Building on work published in December of last year on reverse-engineering Windows containers, security researcher Daniel Prizmant’s latest discovery – made during his day job…

CVE-2021-21973

CVE-2021-21973

ByPR 24

The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure.