Shopware: >> B2b Suite Security Vulnerabilities
An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search functionality of b2border and b2borderlist allows SQL injection. Possible techniques are boolean-based blind, time-based blind, and potentially stacked queries. The vulnerability allows a remote authenticated attacker to dump the underlying database.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-29