CVE-2026-31825

{"id": "CVE-2026-31825", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2026-03-10T22:16:20.320", "references": [{"url": "https://github.com/Sylius/Sylius/security/advisories/GHSA-xcwx-r2gw-w93m", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-89"}, {"lang": "en", "value": "CWE-943"}]}], "descriptions": [{"lang": "en", "value": "Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy() without validation. An attacker can inject arbitrary DQL. The issue is fixed in versions: 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, 2.2.3 and above."}, {"lang": "es", "value": "Sylius es un framework de eCommerce de c\u00f3digo abierto en Symfony. Los filtros de la API de Sylius ProductPriceOrderFilter y TranslationOrderNameAndLocaleFilter pasan valores de direcci\u00f3n de orden suministrados por el usuario directamente a orderBy() de Doctrine sin validaci\u00f3n. Un atacante puede inyectar DQL arbitrario. El problema est\u00e1 solucionado en las versiones: 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, 2.2.3 y superiores."}], "lastModified": "2026-03-11T13:52:47.683", "sourceIdentifier": "security-advisories@github.com"}