pkg:Packagist/shopware/storefront
5 total CVEsHIGH2MEDIUM3
✅ Check your installed version
All known vulnerabilities
HIGH7.5CVE-2024-27917Shopware's session is persistent in Cache for 404 pages >= 6.5.8.0, < 6.5.8.7
HIGH7.1CVE-2025-67648Shopware Storefront Reflected XSS in Storefront Login Page >= 6.4.6.0, < 6.6.10.10
MEDIUM6.3CVE-2022-24747HTTP caching is marking private HTTP headers as public in Shopware from 0, < 6.4.8.2
MEDIUM6.1CVE-2022-24746HTML injection possibility in voucher code form in Shopware from 0, < 6.4.8.1
MEDIUM4.8CVE-2022-24745Shopware guest session is shared between customers from 0, < 6.4.8.2