Magento 1.9.2.0 released with Security Patch SUPEE-6285

Magento 1.9.2.0 is now available via Softaculous. This release includes security patch SUPEE-6285 and it is strongly recommended to update your sites immediately.

You can refer to the following guide on how to upgrade your installations :
http://www.softaculous.com/docs/How_to_upgrade_installations

Details of the security patch are listed below :

SUPEE-6285 Patch Bundle

Date of Release: 07/07/2015

This bundle includes protection against the following security-related issues:

  • Customer Information Leak via RSS and Privilege Escalation
  • Request Forgery in Magento Connect Leads to Code Execution
  • Cross-site Scripting in Wishlist
  • Cross-site Scripting in Cart
  • Store Path Disclosure
  • Permissions on Log Files too Broad
  • Cross-site Scripting in Admin
  • Cross-site Scripting in Orders RSS

Source : http://docs.magento.com

Leave a comment