https://blog.qife122.com/tags/shopware/ Recent content in Shopware on 办公AI智能小助手 Hugo zh-cn qife Sat, 13 Dec 2025 16:31:45 +0800 https://blog.qife122.com/p/shopware%E5%89%8D%E7%AB%AF%E7%99%BB%E5%BD%95%E9%A1%B5%E9%9D%A2%E5%8F%8D%E5%B0%84%E5%9E%8Bxss%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90/ Sat, 13 Dec 2025 16:31:45 +0800 https://blog.qife122.com/p/shopware%E5%89%8D%E7%AB%AF%E7%99%BB%E5%BD%95%E9%A1%B5%E9%9D%A2%E5%8F%8D%E5%B0%84%E5%9E%8Bxss%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90/ <h3 id="漏洞概述">漏洞概述</h3> <p>该安全公告披露了一个存在于Shopware电商平台Storefront组件登录页面的<strong>反射型跨站脚本(XSS)</strong> 漏洞，被分配了唯一标识符 <strong>GHSA-6w82-v552-wjw2</strong>。漏洞的严重性等级为<strong>高危</strong>，CVSS v3.1基础评分为<strong>7.1</strong>。</p>