

The DHL Integration schema has been updated from v6.0 to v6.2. PHPStan (^1.5.7 with constraint) GitHub-35315 Earlier versions of TinyMCE (v5.9.2 or earlier) allowed arbitrary JavaScript execution when a specially crafted URL or an image with a specially crafted URL was updated. The MaliciousCode filter has been upgraded to use the HtmlPurifier library. Inventory template security has been enhanced. ReCAPTCHA support has been added to the Wish List Sharing, Create New Customer Account, and Gift Card forms.ĪCL resources have been added to Inventory. Security improvements for this release improve compliance with the latest security best practices, including: See Adobe Security Bulletin for the latest discussion of these fixed issues. use of a unique location rather than /admin.As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts:

Most of these issues require that an attacker first obtains access to the Admin. However, certain vulnerabilities can potentially be exploited to access customer information or take over administrator sessions. No confirmed attacks related to these issues have occurred to date. This security fix has been backported to Magento Open Source 2.4.4-p1 and Magento Open Source 2.3.7-p4. This release includes 20 security fix and platform security improvements. Look for the following highlights in this release. Bug fixes for these projects are documented in the separate, project-specific release information that is available in the documentation for each project. Not all releases introduce major BICs.) Other release informationĪlthough code for these features is bundled with quarterly releases of the Magento Open Source core code, several of these projects are also released independently. (Major backward-incompatible issues are described in BIC highlights. To review these backward-incompatible changes, see BIC reference. Magento Open Source 2.4.5 contains backward-incompatible changes. Releases may contain backward-incompatible changes (BIC). This release includes over 290 quality fixes and enhancements. It includes updates to integrated Google modules. Magento Open Source introduces improvements to platform quality, payment methods, GraphQL caching performance, and accessibility. See Migrated topics for the complete list. This page has moved and will be redirected soon.


