Install Security Patch SUPEE-6285

Availability: Temporary Unavailable


Be the first to review this product

Quick Overview

To further secure your store from potential risks, Magento has released, on July 7th, a new security patch (SUPEE-6285) that addresses 8 issues which affect all versions of Magento Community and Enterprise.

Install Security Patch SUPEE-6285

The patch addresses a range of issues, including scenarios where an attacker can pose as administrator and gain access to the last orders feed. Order feeds contain personally identifiable information that can then be used to obtain more sensitive information in follow-on attacks.

Also the patch closes a number of security gaps including cross-site scripting (XSS), cross-site request forgery (CSRF), and error path disclosure vulnerabilities.

Here is the detailed list of all vulnerabilities your store is exposed to:

  • Customer Information Leak via RSS and Privilege Escalation;
  • Request Forgery in Magento Connect Leads to Code Execution;
  • Cross-site Scripting in Wishlist;
  • Cross-site Scripting in Cart;
  • Store Path Disclosure;
  • Permissions on Log Files too Broad;
  • Cross-site Scripting in Admin;
  • Cross-site Scripting in Orders RSS.

Before implementing this new security patch, you must first implement Security Patch SUPEE-5994 (issued May 14, 2015). This will ensure that the patch works properly.
Purchase “Install Security Patch SUPEE-6285 ” service and we’ll provide the necessary support!We’ll contact you as soon as we receive the confirmation of your purchase to begin the installation of the security patches.

Ratings and Review

How do you rate this product? *

  1 star 2 stars 3 stars 4 stars 5 stars
The product is well documented
Easy to install

Questions about Install Security Patch SUPEE-6285

This product has no questions yet.