[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Appcheck-NG] Unpatched Vulnerabilities in Magento E-Commerce Platform

To: "'bugtraq@xxxxxxxxxxxxxxxxx'" <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: [Appcheck-NG] Unpatched Vulnerabilities in Magento E-Commerce Platform
From: AppCheck_Advisories <advisories@xxxxxxxxxxxxxxx>
Date: Tue, 4 Nov 2014 09:13:53 +0000

On April 8th 2014, AppCheck reported several Cross Site Scripting 
Vulnerabilities in the Magento e-commerce platform via the eBay bug bounty 
program. eBay responded to inform us that the vulnerabilities had already been 
reported.

However, since more than 6 months have passed and no fix is yet available, This 
advisory is intended to inform Magento administrators of the vulnerability so 
that action can be taken to mitigate the flaw.

Advisory Link: 

http://appcheck-ng.com/unpatched-vulnerabilites-in-magento-e-commerce-platform/


#####################################################################################
Scanned by MailMarshal - M86 Security's comprehensive email content security 
solution. 
For details on purchasing MailMarshal or alternative Mail Security products 
please 
contact our Sales Team on 01924 284 240 Option 1
#####################################################################################

Prev by Date: [slackware-security] php (SSA:2014-307-03)
Next by Date: [SECURITY] [DSA 3064-1] php5 security update
Previous by thread: [slackware-security] php (SSA:2014-307-03)
Next by thread: [SECURITY] [DSA 3064-1] php5 security update
Index(es):
- Date
- Thread