From 33be5affa3b69af13eac6d1b22fb8c650658240b Mon Sep 17 00:00:00 2001
From: Jacek Pyziak <jacek.pyziak@project-pro.pl>
Date: Fri, 27 Feb 2026 18:26:34 +0100
Subject: [PATCH] fix: whitelist integration_id against known integrations in
 product update

---
 src/Modules/Products/ProductsController.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/Modules/Products/ProductsController.php b/src/Modules/Products/ProductsController.php
index ec094fa..2130e03 100644
--- a/src/Modules/Products/ProductsController.php
+++ b/src/Modules/Products/ProductsController.php
@@ -456,11 +456,15 @@ final class ProductsController
         }
 
         // Save per-integration content overrides
+        $allowedIntegrationIds = array_map(
+            static fn (array $i): int => (int) ($i['id'] ?? 0),
+            $this->integrations->listByType('shoppro')
+        );
         $integrationContent = $request->input('integration_content', []);
         if (is_array($integrationContent)) {
             foreach ($integrationContent as $rawIntegrationId => $content) {
                 $integrationId = (int) $rawIntegrationId;
-                if ($integrationId <= 0 || !is_array($content)) {
+                if ($integrationId <= 0 || !is_array($content) || !in_array($integrationId, $allowedIntegrationIds, true)) {
                     continue;
                 }
                 $this->products->upsertIntegrationTranslation(