ALERT! Security Patch Update  for  Shopware 6

Shopware 6 Security Patch Release 6.4.8.2

Security is one of the most crucial factors of an eCommerce store that every store owner concern about. Any security gap or vulnerability can risk the eCommerce Store website. 

If you are a Shopware 6 store owner you should have look at the recent Shopware 6 Security Patch release 6.4.8.2 which is release on 8th March 2022 and update the existing Shopware 6 version as early as possible.

In this security patch release, they have fixed security gaps of the threat level “low” and “critical”. All Shopware versions from 6.1.0 to 6.4.8.1 get affect by this security patch release.

The following vulnerability fixes by Shopware with this security update:

  • NEXT-20305: Modify Customers, create Orders without App Permission
  • NEXT-20309: HTTP caching is marking private HTTP headers as public
  • NEXT-20235: Always false condition in Security Plugin

It is highly recommendable for all the Shopware 6 store owners and eCommerce managers to update the current version 6.4.8.2. The update can be done via the Auto-Updater or directly via the download overview. (https://www.shopware.com/en/download/#shopware-6)

For older versions, corresponding security measures are also available via a plugin.

https://store.shopware.com/en/detail/index/sArticle/518463/number/Swag136939272659

Updating the Shopware store version with the latest security patch release will protect the store from vulnerabilities and it will enhance its security of the store.

Bhavya Shah is a Business Analyst at iCreative Technologies. He specializes in the eCommerce consulting for all business domains. He is working hand-in-hand with developers and clients to produce requirements and specifications that accurately reflect business needs and are technologically achievable.



Leave a Reply

Your email address will not be published. Required fields are marked *