In August, Shopware has come up with its latest release of Shopware 18.104.22.168. This Shopware new release is a package that is cumulative and includes various bug fixes and new features. It requires Shopware 22.214.171.124 or newer.
The Shopware 126.96.36.199 release, the Shopware team has closed security gaps of the threat level “medium” and “critical.” All these mentioned issues were discovered in an internal penetration test. The affected Shopware versions are from Shopware 6.1.0 to Shopware 188.8.131.52. The following vulnerabilities have been fixed with this update:
- NEXT -15601: Product reviews manipulation through the API
- NEXT -15673: Authenticated server-side request forgery in file upload via URL
- NEXT -15677: Cross-Site Scripting via SVG media files
- NEXT -15675: Insecure direct object reference of log files of the Import/Export feature
- NEXT -15699: Command injection in mail agent settings
At Emizentech, as a reputed Shopware development company, we recommend you to update your Shopware version to 184.108.40.206. You can get the update to 220.127.116.11 regularly either through the Auto-Updater or directly through the download overview.
How can we help?
We at Emizentech, are having expertise in developing Shopware stores from scratch and upgrading their versions. Our developers are also experts in implementing new features and functionalities on the Shopware stores. Let us know your requirements.
Also, learn about the other major Shopware Releases