Magento’s critical vulnerability requires immediate update

January 25, 2016/in Security/by admindmt

Thanks to the work of Sucuri‘s research team, a critical security flaw has been recently discovered in the popular Magento e-commerce platform. SUPEE-7405 Multiple Update is available for patching over 20 flaws that put the site at risk of falling under the control of cyber-criminals that can exploit them.

Virtually all versions of Magento CE before 1.9.2.3 and Magento EE prior to 1.14.2.3 are at risk. The cause of the vulnerability is a portion of code badly written in Magento’s core libraries, back-end, or administrative control panel. The type of vulnerability is stored Cross-site Scripting (XSS), probably the most vulnerable source for sites around the world.

All sites created or maintained by Deltamatica on a Magento basis have been updated within 2 hours after patch release. In the 24 hours following the release of the vulnerability, several attack attempts were detected.

Latest News

Did you know that…

Bitcoin was born in 2009 as the first decentralized cryptocurrency. Today, over 4,000 altcoin (alternative coins) variants of bitcoin exist.

The blockchain is the cryptography technology behind the bitcoin system. It enables the distributed public ledger system through which bitcoin transactions are validated.

15,1 Mbps is the average internet connection speed in Italy in 2018, which corresponds to the 43rd place in the world ranking. Highest ranking countries are Norway, Sweden, Denmark ( average internet speed >40,0 Mbps) and Romania (>39,60 Mbps).

In 2019 the social networks advertising revenue was 39 billions euros: social media ad spend surpassed TV.

Magento’s critical vulnerability requires immediate update

Interesting links

Pages

Categories

You might also like

Interesting links

Pages

Categories