Security Patch -SUPEE-6285 – A New Announcement From Magento
Just after two Magento security vulnerability announcements, there is another new announcement of the critical Magento update i.e, “SUPEE-6285” on July 7, 2015. According to Magento’s official website, a new security patch, i.e, SUPEE-6285 addresses critical security vulnerabilities. This patch is primarily released to resolve a variety of security related issues, such as customer information Leak via RSS and privilege escalation, request forgery in Magento connect leads to code execution, cross-site scripting in wishlist, cross-site scripting in cart, store path disclosure, permissions on log files too broad, cross-site scripting in admin and cross-site scripting in orders RSS.
After this Magento Announcement, we will be investing more on this today in order to help you more. In case of an urgent patch requirement, kindly feel free to contact us as we have already updated more than 80 stores for previous Shoplift bug even with no SSH access.
Keep an eye on our updated posts as we will be bringing this post with up-to-date methods of applying this patch.