Duplicate Advisory: Session Fixation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h9q8-5gv2-v6mg. This link is maintained to preserve external references. Original Description Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below...

CVE-2021-32710

Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below 6.3.5.2. We recommend to update to the current version 6.3.5.2. You can get the update to 6.3.5.2 regularly via the Auto-Updater or directly via the download overview. For older version...

Code injection

Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below 6.3.5.2. We recommend to update to the current version 6.3.5.2. You can get the update to 6.3.5.2 regularly via the Auto-Updater or directly via the download overview. For older version...

Shopware 授权问题漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. An authorization issue vulnerability exists in Shopware that stems from the lack of proper encryption of sessions in the system, which could allow an attacker to hijack a customer's session. The following...

GHSA-H9Q8-5GV2-V6MG Potential Session Hijacking

Impact Potential session hijacking of store customers. Patches We recommend to update to the current version 6.3.5.2. You can get the update to 6.3.5.2 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For older...