BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites Mar 13 2018 12:07PM
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Shopware Cart Accessible by Third-Party Websites

RedTeam Pentesting discovered that the shopping cart implemented by Shopware
offers an insecure API. Malicious, third-party websites may abuse this API to
list, add or remove products from a user's cart.

Details
=======

Product: Shopware...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus