[MEDIUM] Exposure of .env if project root is configured as web root in shopware/production

PKSA-47yc-smrt-btrv GHSA-3pcr-4982-548m

Affected package: shopware/production

Affected version: <=6.3.5.2

Reported by:
GitHub