Re: Imediate Action - Magento Security Scan XS Vul... - Page 2

fieldcutter · ‎06-11-2019

Hi

i.e. 52.87.98.44

Pretty sure that was the same IP was observed in our logs. It's part of a big range on AWS:

fieldcutter · ‎06-30-2019

Hello MazerStricks

We see 52.87.98.44, but cannot say if that is the only IP or indeed if it periodically changes.

Yesterday we updated to 2.3.2, and yet again the Magento Security Scan fails with this result:

XS Vulnerability - Failed.
XSS Patch not detected (APPSEC-1802)

The suggested action is to:

"the Magento 2.0.16/2.1.9, 2.2.5/2.1.14, 2.2.7/2.1.16 Security Update immediately........." yet the site is running 2.3.2 !!

jorgb · ‎07-09-2019

Same here.. We are running 2.3.2 and the security scan is telling us "XSS Patch not detected (APPSEC-1802)"

fieldcutter · ‎07-09-2019

Hi Jorgb

Thanks for the update , appreciated !

That's the exact same message we have been getting.

Are you by any chance using HTML/CSS minification ? we were using this.

So we disabled minification, and all scans ran with "No Issues found" !!!

chichitsai0517 · ‎03-09-2020

I am on Magento 2.3.4 and all suddenly getting the "Failed.XSS Patch not detected (APPSEC-1716)".

Did you find a way to resolve this?

Imediate Action - Magento Security Scan XS Vulnerability APPSEC-1802