shopware/core Security Advisories for 6.5.0.0-rc4 (3)
-
[MEDIUM] Shopware Improper Session Handling in store-api account logout
PKSA-s8vz-878v-gv1c CVE-2024-31447 GHSA-5297-wrrp-rcj7
Affected version: >=6.6.0.0-rc1,<6.6.1.0|>=6.3.5.0,<6.5.8.8
Reported by:
GitHub -
[MEDIUM] Broken Access Control order API in Shopware
PKSA-mm7q-gnjj-tttn CVE-2024-22407 GHSA-3867-jc5c-66qf
Affected version: <=6.5.7.3
Reported by:
GitHub -
[CRITICAL] Blind SQL injection in shopware
PKSA-ktmn-6519-qrdp CVE-2024-22406 GHSA-qmp9-2xwj-m6m9
Affected version: <=6.5.7.3
Reported by:
GitHub