Received CRITICAL report overnight from the Magento Security Tool.
"Magento Compromise Injection" "Your site is compromised with injected JavaScript. (64)
The malicious code signature(s) has been found on the page."
I've re-run the scan and get the same result each time.
I've been running simple mwscan, maldet, etc. since notified, but nothing is being found so far. I also could not find any changes to any Magento files (although perhaps the JavaScript could have been injected into CMS/database content?).
I also struggled to get mwscan working by following the instructions on the Magento site as they appear to reference files that don't exist -- have there been changes to mwscan since the Magento instructions were written?
Is it possible that this is a false positive, as I've seen similar posts here indicating? Are there any other ways I should attempt to test in order to prove this? Thanks!
Hi @threedtotal,
I guess it is possible to find the JavaScript injection inside CMS or maybe the miscellaneous scripts.
Also, sometimes you'll get a false positive too.
Maybe @msavich can help here, or you can contact the Magento Security Team regarding the security scan tool through the support team or directly at security@magento.com.
To report a proven security vulnerability please submit it over BugCrowd project: https://bugcrowd.com/magento
Hello @threedtotal,
Please send the email to securityinfo@magento.com with your store URL and link to this thread.
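
One way to check the database locations the first reply points at (CMS content and the miscellaneous scripts settings), as an added example that is not part of the original thread. It assumes MySQL/MariaDB, a default Magento schema with no table prefix, and the standard `core_config_data`, `cms_block` and `cms_page` tables with an `update_time` column on the CMS tables; the search patterns are illustrative, not the scan tool's signatures.

```sql
-- Added example: list database-stored content that contains script markup,
-- so each hit can be reviewed by hand against what the store is meant to load.
-- Legitimate analytics or chat snippets will also match; an unexpected entry
-- or an unfamiliar external host is what needs a closer look.

-- Store configuration values. The miscellaneous scripts / miscellaneous HTML
-- settings (e.g. design/head/includes, design/footer/absolute_footer) live here.
SELECT 'core_config_data'                      AS source,
       CONCAT(scope, ':', scope_id, ' ', path) AS location,
       NULL                                    AS last_updated,
       SUBSTRING(value, GREATEST(LOCATE('<script', value), 1), 300) AS snippet
FROM   core_config_data
WHERE  value LIKE '%<script%'
   OR  value LIKE '%eval(%'
   OR  value LIKE '%atob(%'
   OR  value LIKE '%fromCharCode%'

UNION ALL

-- Static blocks
SELECT 'cms_block',
       identifier,
       update_time,
       SUBSTRING(content, GREATEST(LOCATE('<script', content), 1), 300)
FROM   cms_block
WHERE  content LIKE '%<script%'
   OR  content LIKE '%eval(%'
   OR  content LIKE '%atob(%'
   OR  content LIKE '%fromCharCode%'

UNION ALL

-- CMS pages
SELECT 'cms_page',
       identifier,
       update_time,
       SUBSTRING(content, GREATEST(LOCATE('<script', content), 1), 300)
FROM   cms_page
WHERE  content LIKE '%<script%'
   OR  content LIKE '%eval(%'
   OR  content LIKE '%atob(%'
   OR  content LIKE '%fromCharCode%';
```

Run it read-only against a recent database copy; an empty result for all three sources, together with clean file scans, is the kind of evidence worth including when reporting a suspected false positive.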