Shopware versions 4.0.1 through 5.3.7 suffer from a cross site request forgery vulnerability. Malicious, third-party websites may abuse this API to list, add or remove products from a user's cart.
0c973cc0b8b396e326136493e77ee67e1e021b531a57d187e3ca1760ce5aca8a