|
|
 |
Sonicwall Signatures
Go to All Categories list.
| | Shopware loadPreviewAction XXE Injection |
Category: WEB-ATTACKS
| Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object. |
|
|
|
