Tuesday 4th August 2015

Network Magento patch required


Magento has released a new security patch for versions 1.4 and newer, SUPEE-6482

The vulnerabilities

This bundle includes protection against the following security-related issues:

  • Cross-site Scripting Using Unvalidated Headers
  • Autoloaded File Inclusion in Magento SOAP API
  • XSS in Gift Registry Search
  • SSRF Vulnerability in WSDL File

What you need to do

You must apply this new security patch as soon as possible. It can be downloaded from https://www.magentocommerce.com/download

You can either patch the store yourself using the instructions below, or submit a (chargeable) maintenance support ticket at https://www.theclientarea.info where our support team can apply the patch on your behalf (est. 5-60 mins application time).

More information

Read more about the patch here, http://us5.campaign-archive1.com/?u=34ff0d4b547cfa0a6a6901212&id=90740291cb