Vulnerability Description
A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize user-supplied input before rendering it in the browser, allowing an attacker to inject malicious JavaScript. This vulnerability can be exploited via a Cross-Site Request Forgery (CSRF) attack due to the absence of CSRF protections on the POST request. An unauthenticated remote attacker can craft a malicious web page that, when visited by a victim, stores the payload persistently in the installation configuration. As a result, the payload executes whenever any user subsequently accesses the vulnerable installation page, leading to persistent client-side code execution.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Shopware | Shopware | >= 6.1.0, < 6.2.3 |
Related Weaknesses (CWE)
References
- https://gist.github.com/anonx-hunter/a7ef32a01d7d888413b08bf8589fdd7e#file-cve-2ExploitThird Party Advisory
- https://www.dax-tokaido.com/recovery/install/database-configuration/Not Applicable
- https://gist.github.com/anonx-hunter/a7ef32a01d7d888413b08bf8589fdd7e#file-cve-2ExploitThird Party Advisory
FAQ
What is CVE-2025-51541?
CVE-2025-51541 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize u...
How severe is CVE-2025-51541?
CVE-2025-51541 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-51541?
Check the references section above for vendor advisories and patch information. Affected products include: Shopware Shopware.