[HIGH] Shopware Storefront Reflected XSS in Storefront Login Page

PKSA-hv1g-94j4-tpht CVE-2025-67648 GHSA-6w82-v552-wjw2

Affected version: >=6.7.0.0,<6.7.5.1|>=6.4.6.0,<6.6.10.10

Reported by:
GitHub

[CRITICAL] Shopware's session is persistent in Cache for 404 pages

PKSA-5pbs-7q37-td9b CVE-2024-27917 GHSA-c2f9-4jmm-v45m

Affected version: >=6.5.8.0,<6.5.8.7

Reported by:
GitHub