Magento SUPEE-5994 patch

Posted on Posted in Magento

Decription: Magento SUPEE-5994 patch is a bundle of eight patches that resolve several security-related issues.

You can find more details on the vulnerabilties address by this patch below:

  1. Admin Path Disclosure - APPSEC-977
  2. Customer Address Leak through Checkout - APPSEC-945
  3. Customer Information Leak through Recurring Profile - APPSEC-926
  4. Local File Path Disclosure Using Media Cache - APPSEC-965
  5. Cross-site Scripting (XSS) Using Magento Downloader - APPSEC-979
  6. Spreadsheet Formula Injection - APPSEC-978
  7. Cross-site Scripting Using Authorize.Net Direct Post Module - APPSEC-907
  8. Malicious Package Can Overwrite System Files - APPSEC-535

Affected versions: Magento CE prior to 1.9.2.0, and Magento EE prior to 1.14.2.1

Recommended action: Download and apply patch.
Test the website on https://www.magereport.com/

Origin URLs:

Leave a Reply

Your email address will not be published. Required fields are marked *