Security Advisories - shopware/storefront - Packagist

shopware/storefront Security Advisories for v6.1.0 (3)

HTTP caching is marking private HTTP headers as public in Shopware

CVE-2022-24747

Affected version: <=6.4.8.1

Reported by:
GitHub
HTML injection possibility in voucher code form in Shopware

CVE-2022-24746

Affected version: <=6.4.8.0

Reported by:
GitHub
Shopware guest session is shared between customers

CVE-2022-24745

Affected version: <=6.4.8.1

Reported by:
GitHub