Magento - 04/08/15

Magento Patch (SUPEE-6482)

By Matthew Ryan - Director

01. Magento Patch (SUPEE-6482)

SUPEE-6482 has been released and resolves several security related issues:

Issues resolved:

SSRF Vulnerability in WSDL file – APPSEC-1020
Autoloaded File Inclusion in Magento SOAP API – APPSEC-1019
Cross-site Scripting/Cache Poisoning – APPSEC-1030
Cross-site Scripting in Gift Registry Search – APPSEC-1022

Full patch notes can be found here