OR
     *cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:* versions from (including) 6.1.0 up to (excluding) 6.4.3.1

NIST (AV:N/AC:L/Au:N/C:N/I:P/A:N)

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

NIST NVD-CWE-noinfo

https://github.com/shopware/platform/commit/912b96de3b839c6c5525c98cbb58f537c2d838be No Types Assigned

https://github.com/shopware/platform/commit/912b96de3b839c6c5525c98cbb58f537c2d838be Patch, Third Party Advisory

https://github.com/shopware/platform/security/advisories/GHSA-9f8f-574q-8jmf No Types Assigned

https://github.com/shopware/platform/security/advisories/GHSA-9f8f-574q-8jmf Third Party Advisory

### Impact Manipulation of product reviews via API ### Patches We recommend updating to the current version 6.4.3.1. You can get the update to 6.4.3.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/#shopware-6 ### Workarounds For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. https://store.shopwar

Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability that allows manipulation of product reviews via API. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.