PT-2022-16848 · Shopware · Shopware

Shyim · Published 2022-03-09 · Updated 2022-03-18 · CVE-2022-24745

CVSS v2.0: 5.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Shopware versions prior to 6.4.8.2

Description

The issue affects guest sessions when HTTP cache is enabled, leading to inconsistent experiences for guest users. Setups with Varnish are not affected by this issue.

Recommendations

For versions prior to 6.4.8.2, update to version 6.4.8.2 to resolve the issue. For older versions of 6.1, 6.2, and 6.3, consider installing a security plugin as a workaround. As a temporary workaround, consider disabling the HTTP Cache until a patch is available.

Exploit

Fix

Session Fixation

Weakness Enumeration

Related Identifiers

CVE-2022-24745
GHSA-JP6H-MXHX-PGQH

Affected Products

Shopware