CVE-2021-32709: Missing Authentication for Critical Function
(updated )
Creation of order credits was not validated by ACL in admin orders. Users are recommend to update to the current You can get the update to regularly via the Auto-Updater or directly via the download overview. For older versions of, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
References
Detect and mitigate CVE-2021-32709 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →