CNNVD-202508-392 Information

CNNVD ID

CNNVD-202508-392

Related CVE

CVE-2025-51541

• CNNVD Published: 2025-08-05

Description (Chinese)

Shopware是德国Shopware公司的一套开源电子商务软件。 Shopware存在安全漏洞，该漏洞源于安装界面c_database_schema字段清理不足，可能导致存储型跨站脚本。

Description (English)

Shopware is an open-source e-commerce software package for the German company Shopware. There is a security loophole in Shopware, which stems from the installation of the interface c database schema field, which may lead to storage-type cross-site scripts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Shopware

Published

2025-08-05

Last Modified

2026-02-24

References

https://www.dax-tokaido.com/recovery/install/database-configuration/ https://gist.github.com/anonx-hunter/a7ef32a01d7d888413b08bf8589fdd7e#file-cve-2025-51541-shopware-xss-md https://access.redhat.com/security/cve/cve-2025-51541