Magento Fixes Vulnerabilities Resulting in Site Takeover
By Of late, Magento addressed susceptibilities that could be misused by unverified attackers to capture administrative sessions and then totally take over flawed web stores. For an effective attack, a threat actor would first have to use a Stored Cross-Site Scripting (XSS) fault to inject a JavaScript payload into the administrator Continue Reading