Magento 2 Issues

Questions related to ecommerce software can be posted here.
Post Reply
Accrete
Administrator
Posts: 1116
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 732
Location: Canada
Has thanked: 22 times
Been thanked: 95 times
Contact:

Magento 2 Issues

Post by Accrete »

If you are a Magento 2 user you should bookmark this thread to follow it. Issues we find and members contribute regarding Magento 2 will be/should be posted to this thread so we keep them all together, making them easier to find.

Here is the first one since starting this thread.

Platform Allow Code-Execution
Admins are encouraged to update their websites to stave off attacks from Magecart card-skimmers and others.


Critical vulnerabilities in Adobe’s Magento e-commerce platform – a favorite target of the Magecart cybergang – could lead to arbitrary code execution.

Adobe issued patches on Tuesday as part of its overall release of the Magento 2.3.4 upgrade, giving the fixes a “priority 2” rating. In Adobe parlance, priority 2 means that administrators should apply the updates within 30 days.

Out of the flaws, Adobe has fixed three that it rates as critical in severity, meaning that successful exploits could “allow malicious native code to execute, potentially without a user being aware.”
Continued: Critical Flaws in Magento e-Commerce Platform Allow Code-Execution
January 29, 2020


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.

Advertisement
Accrete
Administrator
Posts: 1116
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 732
Location: Canada
Has thanked: 22 times
Been thanked: 95 times
Contact:

Re: Magento 2 Issues

Post by Accrete »

If you are using Magento you will need to check this patch has been applied to your installation of Magento:
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.

Critical flaws in Adobe’s Magento e-commerce platform – which is commonly targeted by attackers like the Magecart cybergang – could enable arbitrary code execution on affected systems.

Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesday released security updates for flaws affecting Magento Commerce 2 and Magento Open Source 2, versions 2.3.5-p1 and earlier. These included two critical vulnerabilities and two important-severity flaws...
Report continued at: Critical Magento Flaws Allow Code Execution
July 29, 2020


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.

Post Reply

Return to “Ecommerce Software”

Who is online

Users browsing this forum: No members and 0 guests