v5.11.3

[paeddl]

• Bugfix JS Invoice

[github-actions]

Checkmarx One – Scan Summary & Details – 0423e088-6149-4d36-9d13-8ef50d93cf9e

New Issues (4)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2025-27892	Php-shopware/core-v6.5.8.17	details Description: Shopware 6 is an open-commerce platform based on Symfony Framework and Vue and supported by a worldwide community. Both shopware/core and shopware/... Attack Vector: NETWORK Attack Complexity: LOW ID: P1MPxDOmVgePOhTOunn2xeRuijodWyovOXP1HU0W8cY%3D Vulnerable Package
	CVE-2011-3744	Php-ezyang/htmlpurifier-v4.18.0	details Description: HTML Purifier contains an information disclosure vulnerability that allows remote attackers to obtain sensitive information by directly requesting ... Attack Vector: NETWORK Attack Complexity: LOW ID: D7sn2ELagQuzm2toezJaz9AL52O147Qpy0XPuqnJvbE%3D Vulnerable Package
	CVE-2025-30150	Php-shopware/core-v6.5.8.17	details Description: Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Through the "store-api" it is possible for an attacker to check if a sp... Attack Vector: NETWORK Attack Complexity: LOW ID: F9AMAn7ZSl8vM%2BZj%2FumOeRm0Bh%2BssyrTjAQ61%2FrGe8w%3D Vulnerable Package
	CVE-2025-32378	Php-shopware/core-v6.5.8.17	details Description: Shopware is an open-source e-commerce software platform. In Shopware, the default settings for "double-opt-in" allow for mass unsolicited "newslett... Attack Vector: NETWORK Attack Complexity: LOW ID: WrQTGhdcCHGadWueIwVLJ3WJvl3Uey1V%2FjZWnQQmq50%3D Vulnerable Package

Fixed Issues (4)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	Cx89601373-08db	Npm-debug-2.6.9
	Cx89601373-08db	Npm-debug-3.2.7
	Cxf6e7f2c1-dc59	Npm-yauzl-2.10.0
	Client_Hardcoded_Domain	/src/Resources/app/storefront/src/unzer/unzer-payment.apple-pay.plugin.js: 74