Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Critical Vulnerabilities Found in Magento Amasty RMA Extension – Update Immediately

‎07-05-2017 03:53 AM
‎07-05-2017 03:53 AM

Critical Vulnerabilities Found in Magento Amasty RMA Extension – Update Immediately

Amasty RMA extension is used by a number of community and enterprise edition stores. The plug-in is found to have a couple of critical vulnerabilities. The two vulnerabilities found are:

  1. Malicious file upload possible
  2. Directory Traversal

More details here: https://www.getastra.com/blog/cms/magento-security/vulnerability-magento-rma-extension/

The vendor has patched the vulnerability, it is recommended to update. 

0 Kudos
Reply
1 REPLY 1
‎07-14-2017 02:19 AM
‎07-14-2017 02:19 AM

Re: Critical Vulnerabilities Found in Magento Amasty RMA Extension – Update Immediately

This issue was fixed back in May, so the current version of our RMA extension (1.3.11) has no vulnerabilities.

Last month we made all updates of our extensions free of change, so everyone who has ever bought our RMA mod can easily upgrade it to the current version.

Was my answer helpful? You can accept it as a solution.
230+ professional extensions for M1 & M2 with free lifetime updates!
0 Kudos
Reply