lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3B8F2B331387E6448408605990205E9B2978C2FD1A@exch.sec-1.local>
Date: Tue, 4 Nov 2014 09:13:53 +0000
From: AppCheck_Advisories <advisories@...check-ng.com>
To: "'bugtraq@...urityfocus.com'" <bugtraq@...urityfocus.com>
Subject: [Appcheck-NG] Unpatched Vulnerabilities in Magento E-Commerce
 Platform

On April 8th 2014, AppCheck reported several Cross Site Scripting Vulnerabilities in the Magento e-commerce platform via the eBay bug bounty program. eBay responded to inform us that the vulnerabilities had already been reported.

However, since more than 6 months have passed and no fix is yet available, This advisory is intended to inform Magento administrators of the vulnerability so that action can be taken to mitigate the flaw.

Advisory Link: 

http://appcheck-ng.com/unpatched-vulnerabilites-in-magento-e-commerce-platform/


#####################################################################################
Scanned by MailMarshal - M86 Security's comprehensive email content security solution. 
For details on purchasing MailMarshal or alternative Mail Security products please 
contact our Sales Team on 01924 284 240 Option 1
#####################################################################################

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ