Search for vulnerabilities
| Vulnerability ID | VCID-5ghb-b3uc-pyfm |
| Aliases |
GHSA-cq6h-w3mc-57f4
GMS-2020-588 GMS-2020-595 |
| Summary | ### Impact Information exposure via query strings in URL ### Patches We recommend to update to the current version 6.3.4.1. You can get the update to 6.3.4.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/#shopware-6 ### Workarounds For older versions of 6.1 and 6.2 the corresponding changes are also available via plugin: https://store.shopware.com/en/detail/index/sArticle/518463/number/Swag136939272659 ### For more information https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-12-2020 ### Credits We would like to thank <a rel="noopener" href="https://www.vater-it.de/">Oliver Herrmann</a> for reporting this issue. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | LOW | https://github.com/advisories/GHSA-cq6h-w3mc-57f4 |
| cvssv3.1_qr | LOW | https://github.com/shopware/platform/security/advisories/GHSA-cq6h-w3mc-57f4 |
| generic_textual | LOW | https://github.com/shopware/platform/security/advisories/GHSA-cq6h-w3mc-57f4 |
| Reference id | Reference type | URL |
|---|---|---|
| https://github.com/shopware/platform/security/advisories/GHSA-cq6h-w3mc-57f4 | ||
| GHSA-cq6h-w3mc-57f4 | https://github.com/advisories/GHSA-cq6h-w3mc-57f4 |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-05-31T11:09:56.586012+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/12/GHSA-cq6h-w3mc-57f4/GHSA-cq6h-w3mc-57f4.json | 38.6.0 |