MidnightBSD

Advisories for strongshop

CVE-2024-37619

StrongShop v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the spec_group_id parameter at /spec/index.blade.php.

Products Affected

Vendor Product Version
strongshop strongshop 1.0
CVE-2024-37621

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component /shippingOptionConfig/index.blade.php.

Products Affected

Vendor Product Version
strongshop strongshop 1.0