Security Advisories - PKSA-6c8x-wdsy-zx17 - Packagist.org

PKSA-6c8x-wdsy-zx17 Security Advisory

[MEDIUM] Shopware: Unauthorized Payment Trigger for Foreign Orders via /store-api/handle-payment

PKSA-6c8x-wdsy-zx17 CVE-2026-48016 GHSA-9v5m-39wh-5chq

Affected package: shopware/platform

Affected version: <6.6.10.18|>=6.7.0.0,<6.7.10.1

Reported by:
GitHub