Reading Time: < 1
Magento has just released its latest SUPEE patch ‘9652’ to address a possible Zend library vulnerability.
Vulnerability Description:
Zend Framework 1 vulnerability can be remotely exploited to execute code in Magento 1.
To be affected by the vulnerability the installation has to:
– use sendmail as the mail transport agent
– have specific, non-default configuration settings
Severity Level:
Critical – If you are running one of the affected Magento versions it is important that this SUPEE patch is installed.
Product(s) Affected:
Magento Community Edition prior to 1.9.3.2, and Magento Enterprise Edition prior to 1.14.3.2, Magento 2.1 versions prior to 2.1.4 and Magento 2.0 versions prior to 2.0.12.