shopware/storefront Security Advisories (4)
-
[CRITICAL] Shopware's session is persistent in Cache for 404 pages
PKSA-5pbs-7q37-td9b CVE-2024-27917 GHSA-c2f9-4jmm-v45m
Affected version: >=6.5.8.0,<6.5.8.7
Reported by:
GitHub -
[MEDIUM] HTTP caching is marking private HTTP headers as public in Shopware
PKSA-jkxk-vsfj-5htm CVE-2022-24747 GHSA-6wrh-279j-6hvw
Affected version: <=6.4.8.1
Reported by:
GitHub -
[MEDIUM] HTML injection possibility in voucher code form in Shopware
PKSA-8jwr-9m26-8fx2 CVE-2022-24746 GHSA-952p-fqcp-g8pc
Affected version: <=6.4.8.0
Reported by:
GitHub -
[MEDIUM] Shopware guest session is shared between customers
PKSA-yfgt-8j4b-756q CVE-2022-24745 GHSA-jp6h-mxhx-pgqh
Affected version: <=6.4.8.1
Reported by:
GitHub