In August, Shopware has come up with its latest release of Shopware 6.4.3.1. This Shopware new release is a package that is cumulative and includes various bug fixes and new features. It requires Shopware 6.3.0.0 or newer.
The Shopware 6.4.3.1 release, the Shopware team has closed security gaps of the threat level “medium” and “critical.” All these mentioned issues were discovered in an internal penetration test. The affected Shopware versions are from Shopware 6.1.0 to Shopware 6.4.3.0. The following vulnerabilities have been fixed with this update:
- NEXT -15601: Product reviews manipulation through the API
- NEXT -15673: Authenticated server-side request forgery in file upload via URL
- NEXT -15677: Cross-Site Scripting via SVG media files
- NEXT -15675: Insecure direct object reference of log files of the Import/Export feature
- NEXT -15699: Command injection in mail agent settings
At Emizentech, as a reputed Shopware development company, we recommend you to update your Shopware version to 6.4.3.1. You can get the update to 6.4.3.1 regularly either through the Auto-Updater or directly through the download overview.
How can we help?
We at Emizentech, are having expertise in developing Shopware stores from scratch and upgrading their versions. Our developers are also experts in implementing new features and functionalities on the Shopware stores. Let us know your requirements.
Also, learn about the other major Shopware Releases
#23 Chase Tower, opp. Metro Pillar 31,
USA
UK
UK
