Magento store owners, you need to take quick action right now, and install Magento 2 Patch APSB23-35 to keep your security intact.
If you run a store on Adobe Commerce and Magento Open source in the following version, your store is at a security risk.
- Adobe Commerce – 2.4.6 and earlier, 2.4.5-p2 and earlier, 2.4.4-p3 and earlier, 2.4.3-ext-2 and earlier*, 2.4.2-ext-2 and earlier*, 2.4.1-ext-2 and earlier*, 2.4.0-ext-2 and earlier*, 2.3.7-p4-ext-2 and earlier*
- Magento Open Source – 2.4.6 and earlier, 2.4.5-p2 and earlier, 2.4.4-p3 and earlier
These versions are currently at the hacker’s rader, where, if they successfully hack it, they can run arbitrary code from your store, have complete access to all your codes and files, and pass certain security measures. Here is the instant solution to avoid this from happening!
Security Solution for Adobe Commerce & Magento 2
On 13th June 2023, Adobe released a security patch, APSB23-35, to fix this issue and avoid any security threat from hackers. This security patch update addresses various vulnerabilities in the Adobe software, and if this issue slips through the crack, it can affect the store and the system.
We highly recommend every store owner using the affected versions to install the patch as the CVSS (Common Vulnerability Scoring System) is 9.1/10 among the 12 different vulnerability issues affected by this security issue.
Cross-site is one of them, where the hacker can add malicious scripts or code to your site, hindering your site’s performance. The other vulnerability issues that can come with this issue are Incorrect Authorization (severity score: 7.5), XML Injection – aka Blind XPath Injection (severity score: 6.5), Information Exposure (severity score: 5.3), and more.
Here are the list of affected versions for Abode commerce and Magento 2
| Products | Versions |
|---|---|
| Abode commerce | 2.4.6 and earlier |
| Abode commerce | 2.4.5-p2 and earlier |
| Abode commerce | 2.4.4-p3 and earlier |
| Abode commerce | 2.4.3-ext-2 and earlier* |
| Abode commerce | 2.4.2-ext-2 and earlier* |
| Abode commerce | 2.4.1-ext-2 and earlier* |
| Abode commerce | 2.4.0-ext-2 and earlier* |
| Abode commerce | 2.3.7-p4-ext-2 and earlier* |
| Magento 2 | 2.4.6 and earlier |
| Magento 2 | 2.4.5-p2 and earlier |
| Magento 2 | 2.4.4-p3 and earlier |
We highly recommend to install Magento 2 Patch APSB23-35 to keep your store safe from hackers. You have spent much time and effort building your store, don’t let these efforts become futile due to security reasons.
If you need a helping hand in conducting this process, you can use our Magento Security Patches Installation Service to install the security patch. Our Magento 2 experts will conduct this process without affecting your store theme or any other functionalities.
