Magento Enterprise Edition and Community Edition 2.0.10 and 2.1.2 contain multiple security enhancements. Among the fifteen issues they close are a remote code execution flaw in checkout, a SQL injection in the bundled Zend Framework, several cross-site scripting issues, an order-price manipulation, backups that any admin user could create regardless of the backup privilege, and sessions that were not invalidated when a user logged out. Each issue, with its severity score, is listed below.

  • APPSEC-1484 – Remote Code Execution in checkout
    • Severity = 9.8 (Critical)
  • APPSEC-1480 – SQL injection in Zend Framework
    • Severity = 9.1 (Critical)
  • APPSEC-1503 – Stored Cross-Site Scripting in email templates
    • Severity = 8.7 (High)
  • APPSEC-1488 – Stored XSS in invitations
    • Severity = 8.2 (High)
  • APPSEC-1533 – Order item with altered price
    • Severity = 7.5 (High)
  • APPSEC-1270 – Guest order view protection code vulnerable to brute-force attack
    • Severity = 7.5 (High)
  • APPSEC-1539 – Cross-Site Scripting in section loading
    • Severity = 7.5 (High)
  • APPSEC-1433 – Unauthorized removal of customer address
    • Severity = 6.5 (Medium)
  • APPSEC-1338 – Full Page Cache poisoning
    • Severity = 6.5 (Medium)
  • APPSEC-1329 – Information disclosure in maintenance mode
    • Severity = 5.3 (Medium)
  • APPSEC-1490 – Local file inclusion
    • Severity = 4.9 (Medium)
  • APPSEC-1543 – Removal of currently logged-in administrator
    • Severity = 4.9 (Medium)
  • APPSEC-1212 – CSRF delete items from mini cart
    • Severity = 4.3 (Medium)
  • APPSEC-1478 – Session does not expire on logout
    • Severity = 4.2 (Medium)
  • APPSEC-1481 – Admin users can create backups regardless of privileges
    • Severity = 4.1 (Medium)
You are advised to deploy these new releases right away. Install and test the updates in a development environment before promoting them to production, and always take a full backup of the store (files and database) before attempting to upgrade.
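A quick way to decide whether a given store is still affected is to compare its installed release against the lowest fixed release on its minor branch: 2.0.x installs need at least 2.0.10, 2.1.x installs at least 2.1.2. The check below is an added example, not a tool from Magento or this advisory. It assumes the store's `composer.lock` lists the product under the package names `magento/product-community-edition` or `magento/product-enterprise-edition` (an assumption about the install layout), and the sample lock file embedded in it is constructed for the demonstration.

```python
"""Check whether a Magento 2 install is at or above the release that ships these fixes."""
import json
import re

# Lowest release on each minor branch that ships the fixes listed in the advisory:
# 2.0.10 for the 2.0.x branch, 2.1.2 for the 2.1.x branch.
FIXED_RELEASES = {
    (2, 0): (2, 0, 10),
    (2, 1): (2, 1, 2),
}

# Package names under which Magento 2 CE/EE appear in composer.lock
# (assumption about the install layout, not something the advisory states).
MAGENTO_PACKAGES = (
    "magento/product-community-edition",
    "magento/product-enterprise-edition",
)

VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+][0-9A-Za-z.\-]*)?")


def parse_version(text):
    """Turn '2.1.2' or 'v2.0.10-p1' into a comparable (major, minor, patch) tuple.

    Integer tuples compare correctly, so 2.0.10 sorts after 2.0.9; a plain
    string comparison would get that wrong.
    """
    m = VERSION_RE.fullmatch(text.strip())
    if m is None:
        raise ValueError("unrecognised version string: %r" % text)
    return tuple(int(part) for part in m.groups())


def is_patched(version):
    """True if `version` is at or above the fixed release for its minor branch.

    Returns None for branches the advisory does not cover (1.x, or a branch
    newer than 2.1), so the caller reports 'unknown' instead of guessing.
    """
    fixed = FIXED_RELEASES.get(version[:2])
    if fixed is None:
        return None
    return version >= fixed


def installed_edition(composer_lock_text):
    """Return (package name, version tuple) for the Magento product package
    recorded in composer.lock, or None if no such package is listed."""
    lock = json.loads(composer_lock_text)
    for pkg in lock.get("packages", []):
        if pkg.get("name") in MAGENTO_PACKAGES:
            return pkg["name"], parse_version(pkg["version"])
    return None


def check_lock(composer_lock_text):
    """Summarise a composer.lock as (package, 'x.y.z', status), where status is
    'patched', 'vulnerable' or 'unknown'; None if no Magento product is listed."""
    found = installed_edition(composer_lock_text)
    if found is None:
        return None
    name, version = found
    patched = is_patched(version)
    status = "unknown" if patched is None else ("patched" if patched else "vulnerable")
    return name, ".".join(str(p) for p in version), status


# Constructed composer.lock fragment for demonstration; a real file carries
# many more packages and fields.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "magento/framework", "version": "100.1.1"},
        {"name": "magento/product-community-edition", "version": "2.1.1"},
    ]
})

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOCK
    result = check_lock(text)
    if result is None:
        print("no Magento product package found in composer.lock")
    else:
        print("%s %s: %s" % result)
```

Run it as `python check_magento.py /var/www/magento/composer.lock` (hypothetical path) on each store; the sample lock reports `2.1.1: vulnerable`. On a host where you have shell access, `php bin/magento --version` gives the same release number directly, but reading `composer.lock` lets you run the check from a backup or a deployment artifact without executing the application.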
