Critical updates and SUPEE patches for your Magento 1.x and 2.x stores
Magento, continuing its routine of releasing security updates and patches to keep the platform secure and robust, has released Magento Open Source 2.0.16 and 2.1.9. Alongside these, SUPEE-10266, Magento Commerce 1.14.3.6 and Magento Open Source 1.9.3.6 are also available for download.
The updates contain security enhancements for both Magento Open Source (formerly known as Community Edition) and Magento Commerce (formerly known as Enterprise Edition).
These are critical updates for your Magento stores, so it is highly recommended that you install them immediately.
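Before you can tell which stores still need these updates you have to know what each one is running. The script below is an added example (not Magento's own tooling) that reads the version out of a Magento 1 app/Mage.php, the patch names out of app/etc/applied.patches.list, and the version out of a Magento 2 root composer.json, then reports whether the install is at or past the fixed releases named in this post. The file formats are assumed from memory (applied.patches.list is treated as pipe-delimited with the patch name in the second field), the sample file contents are constructed for the demo, and the function names are my own.

```python
"""Check a Magento 1.x / 2.x install against the fixed releases in this advisory.

Added illustrative code, not Magento's own tooling. Assumptions:
  * Magento 1 keeps its version in app/Mage.php (Mage::getVersionInfo) and
    appends one pipe-delimited line per applied patch to
    app/etc/applied.patches.list, with the patch name as the second field.
  * Magento 2 (git-style install) exposes its version in the root
    composer.json "version" field.
"""
import json
import re

PATCH_ID = "SUPEE-10266"
FIXED_M1 = {"CE": (1, 9, 3, 6), "EE": (1, 14, 3, 6)}   # Open Source / Commerce
FIXED_M2 = {(2, 0): 16, (2, 1): 9}                     # 2.0.16 and 2.1.9


def m1_version(mage_php: str) -> tuple:
    """Pull major/minor/revision/patch out of the getVersionInfo() source."""
    parts = []
    for key in ("major", "minor", "revision", "patch"):
        m = re.search(r"'%s'\s*=>\s*'(\d+)'" % key, mage_php)
        if not m:
            raise ValueError("version field %r not found in Mage.php" % key)
        parts.append(int(m.group(1)))
    return tuple(parts)


def applied_patches(listing: str) -> set:
    """Collect patch names from applied.patches.list (assumed format)."""
    names = set()
    for line in listing.splitlines():
        fields = [f.strip() for f in line.split("|")]
        if len(fields) > 1 and fields[1]:
            names.add(fields[1])
    return names


def m1_is_fixed(version: tuple, patches: set, edition: str) -> bool:
    """Fixed if at/past the patched release for the edition, or the patch is listed."""
    return version >= FIXED_M1[edition] or PATCH_ID in patches


def m2_version(composer_json: str) -> tuple:
    """Read the first three numeric components of composer.json "version"."""
    data = json.loads(composer_json)
    return tuple(int(x) for x in re.findall(r"\d+", data["version"])[:3])


def m2_is_fixed(version: tuple):
    """True/False for the 2.0 and 2.1 lines; None for lines this post does not cover."""
    line = version[:2]
    if line not in FIXED_M2:
        return None
    return version[2] >= FIXED_M2[line]


# Constructed sample inputs: a CE 1.9.3.4 store that has SUPEE-10266 applied,
# and a Magento 2.1.8 install that has not been upgraded yet.
SAMPLE_MAGE_PHP = """
    public static function getVersionInfo()
    {
        return array(
            'major'     => '1',
            'minor'     => '9',
            'revision'  => '3',
            'patch'     => '4',
            'stability' => '',
            'number'    => '',
        );
    }
"""
SAMPLE_PATCH_LIST = """\
2017-06-01 10:00:00 UTC | SUPEE-9767 | CE_1.9.3.4 | v1 | deadbeef | Thu Jun 1 09:00:00 2017 | -
2017-09-15 10:00:00 UTC | SUPEE-10266 | CE_1.9.3.4 | v1 | cafef00d | Thu Sep 14 09:00:00 2017 | -
"""
SAMPLE_COMPOSER = '{"name": "magento/project-community-edition", "version": "2.1.8"}'


def audit() -> dict:
    """Run both checks over the constructed samples and return the verdicts."""
    v1 = m1_version(SAMPLE_MAGE_PHP)
    patches = applied_patches(SAMPLE_PATCH_LIST)
    v2 = m2_version(SAMPLE_COMPOSER)
    return {
        "m1_version": v1,
        "m1_patches": sorted(patches),
        "m1_fixed": m1_is_fixed(v1, patches, "CE"),
        "m2_version": v2,
        "m2_fixed": m2_is_fixed(v2),
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print("%-12s %s" % (key, value))
```

On a real server, replace the constructed strings with the contents of app/Mage.php, app/etc/applied.patches.list and composer.json; a False verdict is the store that needs attention first. Note that a 1.x store can be "fixed" either way: by running 1.9.3.6 / 1.14.3.6 or by having SUPEE-10266 applied on top of an older release.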
Magento Open Source 1.9.3.6 and SUPEE-10266
SUPEE-10266 contains fixes for several critical security issues, along with a number of functional fixes.
Here are the security issues the release claims to resolve:
RSS session admin cookie can be used to gain Magento administrator privileges
Remote Code Execution vulnerability in CMS and layouts
Exposure of Magento secret key from app/etc/local.xml
Directory traversal in template configuration
CSRF + Stored Cross Site Scripting (customer group)
Admin Notification Stored XSS
Potential file uploads solely protected by .htaccess
CSRF + Stored Cross Site Scripting in newsletter template
XSS in admin order view using order status label in Magento
Customer Segment Delete Action uses GET instead of POST request
Order Item Custom Option Disclosure
Admin login does not handle autocomplete feature correctly
Secure cookie check to prevent MITM not expiring user sessions
Magento Open Source 2.1.9 and 2.0.16
These updates enhance your Magento store's security. Here are the vulnerabilities they claim to resolve:
Remote Code Execution vulnerability in CMS and layouts
Arbitrary File Disclosure
Arbitrary File Delete
Arbitrary file delete + Lack of input sanitization leading to Remote Code Execution
Order history disclosure
Overwrite a Relative Path in Sitemap
Setup pages expose sensitive data
CSRF + Stored Cross Site Scripting (customer group)
Security Issue with referrer
Stored XSS – Add new group in Attribute set name
Admin Notification Stored XSS
Potential file uploads solely protected by .htaccess
Customer login authenticates two different sessions
Customer registration through frontend does not have anti-CSRF protection
CMS Page Title Stored XSS
Anti-CSRF form_key is not changed after login
CSRF + Stored Cross Site Scripting in newsletter template
XSS in admin order view using order status label in Magento
Stored Cross-Site Scripting in email template bypass
Stored XSS on product thumbnail
Possible XSS in admin order view using order code label
Stored XSS using svg images in Favicon
Injection on Page leading to DoS
Stored XSS in integration activation
Any admin user can upload Favicon Icon
Stored XSS through customer group name in admin panel
Access Control Lists not validated when using quick edit mode in tables
Order Item Custom Option Disclosure
API token does not correctly expire
Anonymous users can view upgrade progress updates
Full Path Disclosure Web Root Directory
Admin login does not handle autocomplete feature correctly
Customer email enumeration through frontend login
Any user can interact with the sales order function despite not being authorized
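Several entries in the two lists above are the same bug class seen from different angles: a state-changing action reachable via GET ("Customer Segment Delete Action uses GET instead of POST request"), a form with no anti-CSRF token at all ("Customer registration through frontend does not have anti-CSRF protection"), and a form_key that is not rotated when the session gains privileges ("Anti-CSRF form_key is not changed after login"). The toy handler below is an added example, not Magento's code, that puts the vulnerable and hardened behaviour side by side; the Session and Request classes, the handler names and the scenarios are invented for the demo.

```python
"""Vulnerable vs. hardened handling of a state-changing admin action.

Added illustrative code; not Magento's implementation. The Session/Request
classes and handler names are invented for the demo.
"""
import hmac
import secrets


class Session:
    """Server-side session: who is logged in, the CSRF token, and side effects."""
    def __init__(self):
        self.user = None
        self.form_key = secrets.token_urlsafe(16)   # issued before login, as for a guest
        self.deleted = []


class Request:
    def __init__(self, method, params, session):
        self.method = method
        self.params = params
        self.session = session


# --- vulnerable behaviour (the findings in the list) -----------------------

def vulnerable_login(req, user):
    req.session.user = user          # form_key left untouched: a pre-login key keeps working


def vulnerable_delete_segment(req):
    # Honours GET and never looks at a token: an <img src="...?id=7"> on any
    # page the admin visits is enough to trigger the delete.
    req.session.deleted.append(req.params["id"])
    return True


# --- hardened behaviour ----------------------------------------------------

def hardened_login(req, user):
    req.session.user = user
    req.session.form_key = secrets.token_urlsafe(16)   # rotate on privilege change


def hardened_delete_segment(req):
    if req.method != "POST":
        return False                                   # state changes only via POST
    supplied = req.params.get("form_key", "")
    if not hmac.compare_digest(supplied, req.session.form_key):
        return False                                   # missing, forged or stale token
    req.session.deleted.append(req.params["id"])
    return True


def run_scenarios() -> dict:
    """Replay three attacks against both versions and collect the outcomes."""
    results = {}

    # 1. Cross-site GET with no token, e.g. from a third-party page the admin views.
    s = Session()
    vulnerable_login(Request("POST", {}, s), "admin")
    forged_get = Request("GET", {"id": "7"}, s)
    results["vuln_get_delete"] = vulnerable_delete_segment(forged_get)
    results["hard_get_delete"] = hardened_delete_segment(forged_get)

    # 2. Token fixation: the attacker learns the victim's guest form_key, then the
    #    victim logs in. Without rotation the old key still authorises actions.
    s = Session()
    guest_key = s.form_key
    vulnerable_login(Request("POST", {}, s), "admin")
    results["vuln_key_unchanged_after_login"] = (s.form_key == guest_key)

    s2 = Session()
    guest_key2 = s2.form_key
    hardened_login(Request("POST", {}, s2), "admin")
    stale_post = Request("POST", {"id": "7", "form_key": guest_key2}, s2)
    results["hard_stale_key_accepted"] = hardened_delete_segment(stale_post)

    # 3. A legitimate POST carrying the current key still goes through.
    legit_post = Request("POST", {"id": "7", "form_key": s2.form_key}, s2)
    results["hard_legit_post"] = hardened_delete_segment(legit_post)
    results["hard_deleted_ids"] = list(s2.deleted)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print("%-32s %s" % (name, outcome))
```

The two checks in hardened_delete_segment are deliberately independent: the method check stops the "GET delete" class even when a token is present, and the constant-time token comparison plus rotation on login stops the fixation class even when the request is a POST. Registration forms need the same token check even though the user is not yet logged in, which is why a guest session is issued a form_key here too.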
Note that a good part of this list overlaps with the SUPEE-10266 fixes above (the CMS and layouts RCE, the customer-group and newsletter-template CSRF plus stored XSS, the admin notification stored XSS, file uploads protected solely by .htaccess, the order status label XSS, the order item custom option disclosure and the admin login autocomplete issue), so the same vulnerability classes have been closed across both the 1.x and the 2.x release lines.
Test the updates on a staging copy of your store before deploying them to production, just to be on the safe side. Do not let that delay you, though: make sure your stores are updated at the earliest.
Syed Muneeb Ul Hasan
Syed Muneeb Ul Hasan is an expert in PHP and Magento who prefers to educate users in implementing and learning Magento. When not working, he loves to watch cricket.