PT-2022-15006 · Shopware · Shopware

Published: 2022-01-05 · Updated: 2022-01-12 · CVE-2022-21651

CVSS v3.1: 6.8 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 5.7.7

Description: An open redirect issue has been discovered in Shopware, an open source e-commerce software platform, due to incomplete URL handling in the shopware router. This allows users to be arbitrarily redirected when using certain URLs. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations: For versions prior to 5.7.7, update to version 5.7.7 as soon as possible. For older versions, consider using the Security Plugin as a temporary measure to enhance security. However, the primary recommendation is to update to the current version 5.7.7, which can be done via the Auto-Updater or directly via the download overview.

Exploit

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2022-21651
GHSA-C53V-QMRX-93HG

Affected Products

Shopware