Adobe, Magento e-commerce platform critical "Sessionreaper" joined the vulnerability

Adobe has released an emergency update for a critical vulnerability on e-commerce solutions Commerce and Magento Open Source platforms.

According to Sansec, a cyber security company, Adobe informed its selected customers about the security vulnerability on September 4 and announced that it would publish a patch on 9 September.

Adobe announced that there is no finding on the security bulletin so far.

Researchers stressed that the deficit is especially effective in store installations where the session data is stored in the file system.

Update advice now
Adobe released the patch directly as a downloadable package and advised the managers to test and disperse without wasting time.

Sansec, SessionReaper açığının yakın geçmişteki Cosmicssting, Trojanorder, Ambionics Sqli ve Shoplift vakalarıyla aynı ciddiyet seviyesinde olduğunu ve otomasyon yoluyla kitlesel istismara uygun olduğunu belirtiyor.

Researchers did not share the technical details of the deficit, but the attack was watching a similar model with last year's Cosmicssting.

Kaynak: Beykozun Sesi