Next to the usual bug fixes and optimisations, we have also been able to close a vulnerability at the „moderate“ threat level.
The Shopware Version 5.0.0 up to 5.6.6 are is affected. The following vulnerability is fixed with this release:
You can choose between two options, to protect your system:
We strongly recommend to update to the latest version of Shopware (5.6.7). This Version will fix these vulnerabilities. You can use the auto-update process or simply download the version over our download page.
If it is not possible for you to update to the latest version of shopware, you can use our Shopware Security-Plugin.
If you use this plugin already, simply update it to the latest version to secure your environment. If you experience any problems, you can disable individual fixes via the plugin settings.
Please check all important functionalities, in particular the ordering process, after installation or update