Access Control Bypass
Shopware is vulnerable to Access Control Bypass. The vulnerability is due to improper handling of ManyToManyAssociationField in the Criteria processing via SalesChannelRepository.php, which allows attackers to bypass protections and potentially access or manipulate data through extensions...