cancel
Showing results for 
Search instead for 
Did you mean: 

Patch for media.swf xss security problem

Patch for media.swf xss security problem

Hello

 

Have a customer running Magento CE 1.7.0.2 and they want to fix the xss problem with media.swf, See http://magento.stackexchange.com/questions/49676/magento-swf-xss-vulnerability-how-to-address-it

 

I dont find a patch that solve this problem. Is there any patch for Community edition?

 

/Johan

2 REPLIES

Re: Patch for media.swf xss security problem

Hi @Roberthson

 

Why don't you upgrade to latest Magento version? It will keep you updated with all security fixes.

 

Thanks

---
Problem Solved Click Accept as Solution!:Magento Community India Forum

Re: Patch for media.swf xss security problem

The only patch to fix it is an upgrade to a version that doesn't have the issue.

 

The only workaround is to whitelist access to the .swf files using .htaccess or other access restrictions