Security: shopware/shopware
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Improper Session Handling in store-api account logoutGHSA-5297-wrrp-rcj7 published
Apr 8, 2024 by pweyckModerate -
Session is persistent in Cache for 404 pagesGHSA-c2f9-4jmm-v45m published
Mar 6, 2024 by shyimCritical -
Broken Access Control order APIGHSA-3867-jc5c-66qf published
Jan 16, 2024 by pweyckModerate -
Blind SQL-injection in DAL aggregationsGHSA-qmp9-2xwj-m6m9 published
Jan 16, 2024 by pweyckCritical -
Server-Side Request Forgery (SSRF) in Flow BuilderGHSA-3535-m8vh-vrmw published
Jan 16, 2024 by pweyckHigh -
Improper Control of Generation of Code in Twig rendered viewsGHSA-7v2v-9rm4-7m8f published
Apr 17, 2023 by shyimHigh -
Improper Input Validation of Clearance sale in cartGHSA-8r6h-m72v-38fg published
Jan 17, 2023 by shyimModerate -
Improper Control of Generation of Code in Twig rendered viewsGHSA-93cw-f5jj-x85w published
Jan 17, 2023 by shyimCritical -
Insufficient Session Expiration in AdministrationGHSA-59qg-93jg-236f published
Jan 17, 2023 by shyimLow -
Improper Output Neutralization in Log ModuleGHSA-7cp7-jfp6-jh4f published
Jan 17, 2023 by shyimLow