Miggo Logo
Miggo Vulnerability Database
CVE-2019-12935

CVE-2019-12935: Shopware Cross-site Scripting Vulnerability

6.1

CVSS Score
3.0

Basic Information

CVE ID
CVE-2019-12935
GHSA ID
GHSA-8qxh-hcr9-2379
EPSS Score
0.65997%
CWE
CWE-79
Published
5/24/2022
Updated
8/1/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
shopware/shopwarecomposer< 5.5.85.5.8

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from unescaped output of query string parameters in backend login handlers. While no patch diffs are available, the consistent references to backend/Login and backend/Login/load endpoints across all vulnerability descriptions indicate the controller actions handling these routes are the injection points. These controller methods would process the request parameters and pass them to views without proper sanitization in vulnerable versions (<5.5.8). The XSS payloads shown in Netsparker's examples demonstrate direct reflection of unsanitized query parameters in HTML responses.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

S*opw*r* ***or* *.*.* **s XSS vi* t** Qu*ry Strin* to t** ***k*n*/Lo*in or ***k*n*/Lo*in/lo**/ URI.

Reasoning

T** vuln*r**ility st*ms *rom un*s**p** output o* qu*ry strin* p*r*m*t*rs in ***k*n* lo*in **n*l*rs. W*il* no p*t** *i**s *r* *v*il**l*, t** *onsist*nt r***r*n**s to `***k*n*/Lo*in` *n* `***k*n*/Lo*in/lo**` *n*points **ross *ll vuln*r**ility **s*ripti