In this security release, in addition to the usual bug fixes and optimizations, we have also been able to close security vulnerabilities of the threat levels "low" to "medium" in the frontend.
Affected are the Shopware versions from 5.0.0. to 5.7.1 The following vulnerabilities, were fixed with this security update:
To secure your system, you can now choose between the following options:
We recommend updating to the current version 5.7.2. You can get the update to 5.7.2 using the auto-updater or directly from our download overview.
If you can't update your Shopware installation (recommended), you can also secure it using a plugin:
If the plugin already exists, you can simply update the plugin through the plugin manager to bring it up to date. If problems occur, you can disable individual fixes using the plugin settings.
Please check all important functionalities after installation or update, especially the ordering process.