PHP 7.2 Patches are available for Magento 1 Magento has released a patch that provides support for PHP 7.2.x for Magento Commerce 1.14.2.x and 1.14.3.x, as well as Magento Open Source 1.9.2.x and 1.9.3.x Going forward, support for PHP 7.2 will be included as part of the Magento Commerce 1.14.4.0 and Magento Open Source 1.9.4.0 releases, which are currently scheduled for late 2018. Important note: […]
Patch SUPEE-10888 for Magento 1.X released on 17th Sept 2018 This patch only applies to versions of Magento 1.x (including EE), but there is a similar set of security fixes for Magento 2 which can be applied as an upgrade in Magento 2.X This latest security patch release contains over 10 security fixes including five “Medium” severity issues and six “Low” severity issues. As always […]
Multiple High Risk Vulnerabilities in all Magento 1 Websites A large number (seventeen in total !) of security vulnerabilities have recently been announced by Magento, many of which are rated as critical and high and should therefore be patched as soon as possible using patch SUPEE-8788. Using the following release versions, Community Edition 1.9.3 or Enterprise Edition 1.14.3, are alternate ways to fix these issues. […]
Dangerous Stored XSS Vulnerability in Magento During an audit of their WAF, Sucuri discovered a dangerous, but also easy to exploit, Stored XSS Vulnerability in all versions of Magento. The issue could allow attackers to take over your site, create new administrator accounts, steal client information – in fact anything a legitimate administrator account is allowed to do ! Sucuri responsibly disclosed this to the […]
Credit Card Hijacking Vulnerability in Magento Stores Magento has just released information regarding a serious javascript malware issue which uses malicious code to harvest credit card credentials. A small Javascript snippet is embedded in the website, which then collects and sends out data from the checkout payment page to a range of different external websites. from information already gathered it appears that over 3.500 sites […]