SUPEE-6482 shows unknown

Thunghiem · ‎01-31-2016

After install 6482.

I checking on magereport.com and it show Unknow.

Security patch 6482 (XSS) unknown

Can you help me.

Mukesh Tiwari · ‎02-01-2016

Hi @Thunghiem

Which version of Magento are you using and how did you apply the patch?

Check app/code/core/Mage/Api/Model/Server/Adapter/Soap.php file

-        if( $withAuth ) {
-            $phpAuthUser = $this->getController()->getRequest()->getServer('PHP_AUTH_USER', false);
-            $phpAuthPw = $this->getController()->getRequest()->getServer('PHP_AUTH_PW', false);
+        if ( $withAuth ) {
+            $phpAuthUser = rawurlencode($this->getController()->getRequest()->getServer('PHP_AUTH_USER', false));
+            $phpAuthPw = rawurlencode($this->getController()->getRequest()->getServer('PHP_AUTH_PW', false));
+            $scheme = rawurlencode($this->getController()->getRequest()->getScheme());

in the above file the line which have - in front of them should be replaced by the lines with + in front of them.

If you see as I mentioned I think you have applied the patch correctly.

I have mentioned the code from patch file PATCH_SUPEE-6482_CE_1.8.0.0_v1-2015-08-03-06-52-35.sh

magereport.com do not have access to your code so it may show false reoort also.

---
Problem Solved Click Accept as Solution!:Magento Community India Forum

Thunghiem · ‎02-01-2016

Dear muk_t,

In admin it show version 1.9.1.0. But when i check on this page

http://magescan.steverobbins.com/

It show version is 1.9.2.0.

I try apply version 1.9.1.1 and 1.9.2.0 all it still show unknown.

Thunghiem · ‎02-01-2016

Dear muk_t,

How will i do to downgrade to 1.9.1.0 from 1.9.2.0.

Thanks.

SUPEE-6482 shows unknown

SUPEE-6482 shows unknown

Re: SUPEE-6482 shows unknown

Re: SUPEE-6482 shows unknown

Re: SUPEE-6482 shows unknown