Hello
Have a customer running Magento CE 1.7.0.2 and they want to fix the xss problem with media.swf, See http://magento.stackexchange.com/questions/49676/magento-swf-xss-vulnerability-how-to-address-it
I dont find a patch that solve this problem. Is there any patch for Community edition?
/Johan
Hi @Roberthson
Why don't you upgrade to latest Magento version? It will keep you updated with all security fixes.
Thanks
The only patch to fix it is an upgrade to a version that doesn't have the issue.
The only workaround is to whitelist access to the .swf files using .htaccess or other access restrictions
