Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.3.5.1

Description: The issue allows for the generation of fake documents via a public GET call. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited.

Recommendations: For versions prior to 6.3.5.1, update to version 6.3.5.1. For older versions of 6.1 and 6.2, install the corresponding security plugin as a temporary measure. As a more permanent solution, update to the latest Shopware version for the full range of functions.