CVE-2019-12935
HIGH NUCLEIShopware < 5.5.8 - XSS
Title source: ruleDescription
Shopware before 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.
Nuclei Templates (1)
Shopware < 5.5.8 - Cross-Site Scripting
HIGHby pussycat0x
References (4)
Scores
CVSS v3
7.4
EPSS
0.0372
EPSS Percentile
88.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Details
CWE
CWE-79
Status
published
Products (2)
shopware/shopware
< 5.5.8
shopware/shopware
0 - 5.5.8Packagist
Published
Jun 23, 2019
Tracked Since
Feb 18, 2026