Categories
Magento

CRITICAL PATCH SUPEE-6285 PATCH BUNDLE

2015 Patches SUPEE-6285

Patch Bundle Date of Release: 07/07/2015

This bundle includes protection against the following security-related issues:

  • Customer Information Leak via RSS and Privilege Escalation
  • Request Forgery in Magento Connect Leads to Code Execution
  • Cross-site Scripting in Wishlist
  • Cross-site Scripting in Cart
  • Store Path Disclosure
  • Permissions on Log Files too Broad
  • Cross-site Scripting in Admin
  • Cross-site Scripting in Orders RSS

Full details here: http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html#magento/patch-releases-2015.html