Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware. This is a critical security vulnerability that could affect the entire system. All Shopware versions from 4.0.0 up to and including Shopware 5.2.8 are affected. It is imperative that security updates be performed for every Shopware shop. Our current software version 5.2.9 already contains the required security update. You can upgrade to the new version 5.2.9 using the auto-update function in your backend or by downloading the release from our download-page.
If you are unable to upgrade your system to version 5.2.9 (recommended), you have two other options for securing your system: