Posted on Leave a comment

CVE-2019-12935

Shopware before 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.

What are your thoughts?