Blog

Connect, Educate, Learn, Collaborate...

03Apr
2019

Magento Releases New Security Patches for SQL Injection Vulnerability

Magento Security Patches

When it comes to an Ecommerce store, the first and the foremost concern that comes to our mind the Security. Owing to this, the latest Magento Commerce and Open Source versions – 2.3.1, 2.2.8 and 2.1.17 have multiple security enhancements. They help close Cross-Site Scripting (XSS), Remote Code Execution (RCE) and other vulnerabilities.

Also, the Merchants who have not downloaded or upgraded to Magento 2 must go straight to Magento Open Source 2.3.1 or Magento Commerce 2.3.1.

However, a vital security concern that needs immediate attention of Ecommerce merchants is a SQL injection vulnerability, identified in pre-2.3.1 Magento code. You must install patch PRODSECBUG-2198 to quickly protect your online store from this vulnerability.

But we recommend that you must upgrade to Magento Open Source or Commerce 2.3.1 or 2.2.8 to protect against this as well as other vulnerabilities. Install these full patches immediately.

The security patch for Magento Open Source 1.9.4.1 and Commerce 1.14.4.1, SUPEE-11086 also contain security enhancements to close RCE, XSS, cross-site request forgery (CSRF) and various other vulnerabilities.

The patches and upgrades are available for these Magento versions:

Magento Commerce 1.9.0.0-1.14.4.0: Install SUPEE-11086 or upgrade to Magento Commerce 1.14.4.1.

Magento Open Source 1.5.0.0-1.9.4.0: Install SUPEE-11086 or upgrade to Magento Open Source 1.9.4.1.

You can get more details about the download sources for SUPEE-11086 and PRODSECBUG-2198 from Magento.com.

The SQL Injection vulnerability can lead to major security threats to your store including the extraction of card data by hackers. Install the security patches or upgrade your Magento store by contacting a trusted Magento development service provider like ioVista and get your Ecommerce business safeguarded from any kind of threats and vulnerabilities.

Mike Patel
Mike Patel

Leave a Comment

Every week, we share insider tips to building your brand, increasing your traffic and growing your sales online

Archive

Our Clients

  • IR_Trane_Logo_3
  • aerotechdesigns
  • dualeyewear
  • elementmoving
  • eyecare-universe
  • i-tech-company
  • luxury-candle-brands
  • newgel
  • norman-love
  • north-bloomefield
click me

Contact Us