Get a Pentest and security assessment of your IT network.

Cyber Security

Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks

Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability. The vulnerability (CVE-2019-8144) could enable an unauthenticated user to insert a malicious payload into a merchant s site through Page Builder template methods, and execute it. The bug specifically exists in the preview function of Magento Commerce 2.3. The company warned patching will have the side effect of blocking administrators from viewing previews for products, blocks and dynamic blocks

Source: https://threatpost.com/magento-warns-upgrade-asap/150115/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation