Magento 1.9.3.3 Update

·

·

Magento 1.9.3.3 was released on May 31 and is a security update for multiple critical security issues. The issues are also fixed in Magento 2.0 and 2.1, although upgrading from 1.9 to 2.1 is not directly possible.

The patch SUPEE-9767 addresses several security issues, like:

  • APPSEC-1777: Remote Code Execution in DataFlow
  • APPSEC-1686: Remote Code Execution in the Admin panel
  • APPSEC-1634: XSS in data fields

These critical issues include remote code execution for authenticated Admin users, access control bypass, and cross-site request forgery issues. More details can be found in the Magento Security Center.

Magento 1.9.3.3 contains also an update for PayPal’s Instant Payment Notifications, which is necessary for retaining uninterrupted service after June 30.

It was reported that the update caused jQuery compatibility issues, that’s why it is very important to backup before upgrading or even better to first upgrade in a local test environment.

https://twitter.com/peterbaettig/status/870203863038652416

 


Kategorien

Beliebte Tags

AI blockchain ecommerce ethics events Magento marketing Metaverse NFTs privacy security SEO shopify socialmedia update WooCommerce WordPress


Der englischsprachige Podcast von Openstream. Discover how memes, AI, and digital culture shape our world, challenge norms, and redefine what it means to be human.

spotify-podcast-badge
Listen on Apple Podcast