Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Patch for media.swf xss security problem

‎11-20-2015 02:09 AM
‎11-20-2015 02:09 AM

Patch for media.swf xss security problem

Hello

 

Have a customer running Magento CE 1.7.0.2 and they want to fix the xss problem with media.swf, See http://magento.stackexchange.com/questions/49676/magento-swf-xss-vulnerability-how-to-address-it

 

I dont find a patch that solve this problem. Is there any patch for Community edition?

 

/Johan

0 Kudos
2 REPLIES 2
‎11-20-2015 03:10 AM
‎11-20-2015 03:10 AM

Re: Patch for media.swf xss security problem

Hi @Roberthson

 

Why don't you upgrade to latest Magento version? It will keep you updated with all security fixes.

 

Thanks

---
Problem Solved Click Accept as Solution!:Magento Community India Forum
0 Kudos
‎11-20-2015 09:16 AM
‎11-20-2015 09:16 AM

Re: Patch for media.swf xss security problem

The only patch to fix it is an upgrade to a version that doesn't have the issue.

 

The only workaround is to whitelist access to the .swf files using .htaccess or other access restrictions

0 Kudos