Grave SQL Injection and RCE Flaws Patched by Magento
By As many as 37 faults were patched by Magento on Thursday, including a stored cross-site scripting (XSS) flaw that could have allowed an attacker to take over a website. The gravest of the viruses is a distant code-execution (RCE) susceptibility that could let a genuine user, with limited approvals, create special Continue Reading