2 matches found
FreeBSD : magento -- multiple vulnerabilities (ea1d2530-72ce-11e5-a2a1-002590263bf5)
Magento, Inc. reports : SUPEE-6482 - This patch addresses two issues related to APIs and two cross-site scripting risks. SUPEE-6285 - This patch provides protection against several types of security-related issues, including information leaks, request forgeries, and cross-site scripting. SUPEE-59...
Mail support request accepts any e-mail address
The SupportUtility allows the user to enter an arbitrary e-mail address to send a copy of the e-mail to. This issue removes the option for users to enter an e-mail address to CC. This issue also introduces a flag that prevents the TO address from being changed through the web interface. By defaul...