HIGH🇵🇱 Wersja polska

CVE-2024-37621

CVSS 7.2v3.1pub. 2024-06-17upd. 2025-06-20

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component /shippingOptionConfig/index.blade.php.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Strongshop

    APP
    Strongshop
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-37619MEDIUM6.1ten sam produkt

StrongShop v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the spec_gr...