An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Oxid-esales |
|
Configuration 1 [-]
|
No data.
References
| Link | Providers |
|---|---|
| https://bugs.oxid-esales.com/view.php?id=7743 |
|
History
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Tue, 15 Jul 2025 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Oxid-esales
Oxid-esales eshop |
|
| CPEs | cpe:2.3:a:oxid-esales:eshop:6.5.0:*:*:*:community:*:*:* cpe:2.3:a:oxid-esales:eshop:6.5.0:*:*:*:enterprise:*:*:* cpe:2.3:a:oxid-esales:eshop:7.0.0:*:*:*:community:*:*:* cpe:2.3:a:oxid-esales:eshop:7.0.0:*:*:*:enterprise:*:*:* |
|
| Vendors & Products |
Oxid-esales
Oxid-esales eshop |
Wed, 14 May 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 14 May 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-200 | |
| Metrics |
cvssV3_1
|
Tue, 13 May 2025 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2025-05-13T00:00:00.000Z
Updated: 2025-05-14T14:02:05.974Z
Reserved: 2024-12-27T00:00:00.000Z
Link: CVE-2024-56526
Vulnrichment
Updated: 2025-05-14T14:01:59.011Z
NVD
Status : Analyzed
Published: 2025-05-13T16:15:28.380
Modified: 2025-07-15T16:21:35.763
Link: CVE-2024-56526
Redhat
No data.