✅ 檢查你的版本
所有已知漏洞
from 0, < 4.3.7
>= 5.3.0, <= 5.6.0
from 0, < 5.4.3
>= 5.2.0, < 5.7.9
HIGH7.2CVE-2026-23498Shopware Has Improper Control of Generation of Code in Twig rendered views >= 6.7.0.0, < 6.7.6.1
HIGH7.1CVE-2025-67648Shopware Storefront Reflected XSS in Storefront Login Page >= 6.4.6.0, < 6.6.10.10
>= 5.0.0, < 5.7.7
from 0, < 5.3.4
MEDIUM6.4CVE-2022-24892Multiple valid tokens for password reset in Shopware >= 5.0.4, < 5.7.9
MEDIUM6.3CVE-2022-36102Shopware access control list bypassed via crafted specific URLs from 0, < 5.7.15
MEDIUM6.1CVE-2022-48150Shopware vulnerable to cross-site scripting (XSS) from 0, <= 5.5.10
from 0, < 5.5.8
>= 5.2.5, <= 5.3
from 0, < 5.7.6
MEDIUM5.4CVE-2022-36101Shopware contains sensitive data in backend customer module from 0, < 5.7.15
MEDIUM5.4CVE-2022-31148Shopware vulnerable to persistent cross site scripting (XSS) in customer module >= 5.7.0, < 5.7.14
MEDIUM5.4CVE-2022-31057Authenticated Stored Cross-site Scripting in Shopware from 0, < 5.7.12
MEDIUM5.4CVE-2022-24873Reflected Cross-site Scripting in Shopware storefront from 0, < 5.7.9
MEDIUM5.3CVE-2023-34099Shopware improper mail validation vulnerability >= 5.1.4, < 5.7.18
>= 5.6.0, < 5.7.18
MEDIUM5.3CVE-2021-32712Exposure of Sensitive Information to an Unauthorized Actor from 0, < 5.6.10
from 0, < 5.6.10
>= 5.7.3, < 5.7.7