ГлавнаяУязвимости → CVE-2025-7954
8.1высокая

CVE-2025-7954

Описание

A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.

Затрагиваемое ПО
Shopware Shopware
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/shopware/shopware/issues/11245http://seclists.org/fulldisclosure/2025/Aug/17https://github.com/shopware/shopware/issues/11245