On April 28th, 2020, Adobe released the SUPEE-11314 security patch for Magento 1 users.
Then, on May 12th, 2020, Adobe released v2. If you already installed the old patch, the guidance is to revert and install the new v2 patch. It appears that some security fixes were missing in the original version of the patch.
I did not see any mention of this in the forums, or any e-mail from Adobe on this topic (although I could have missed something) and wanted to make sure that folks were aware. So far, most members of the Magento community that I've brought this up to have been unaware.
Solved! Go to Solution.
I came to this thread as since the upgrade to a pristine copy of 18.104.22.168, the site is failing Security Scan wit the error "SUPEE-11314 - Failed. Weak password requirements found (MPERF-10886)"
Having compared 22.214.171.124 and the patch files I can see the SUPEE-11314-v2 is installed - since the removal of M1 resource the only way to check is by performing diff etc.
I am posting this here as I suspect the fail is a false positive due to the accompanying jquery 1.12.0 error. I suspect the security scan is triggering both these errors on the jquery 1.12.0 version being present.