Impact
This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plugin.
Patches
Users of Smartstore 4.0.0 and 4.0.1 must merge their repository with 4.0.x or overwrite the file SmartStore.Web.Framework in the /bin directory of the deployed shop with this file
Workarounds
If you don't want or can't update anything in your Shop right now just uninstall the Web API plugin to close this vulnerability.
Impact
This vulnerability affects Smartstore shops in version 4.0.0 & 4.0.1 which have installed and activated the Web API plugin.
Patches
Users of Smartstore 4.0.0 and 4.0.1 must merge their repository with 4.0.x or overwrite the file SmartStore.Web.Framework in the /bin directory of the deployed shop with this file
Workarounds
If you don't want or can't update anything in your Shop right now just uninstall the Web API plugin to close this vulnerability.