Adobe has released a security update for Adobe Commerce and Magento Open Source to resolve critical and medium vulnerabilities. Experts have warned that successful exploitation of this vulnerability could lead to arbitrary code execution and security feature bypass.
Adobe Commerce 2.4.5-p1 is a security release that provides five security fixes to enhance the Adobe Commerce or Magento Open Source 2.4.5 deployment. It provides fixes for vulnerabilities identified in the Adobe Commerce and Magento Open Source 2.4.5 release.
The other security release, Adobe Commerce 2.4.4-p2, also provides five security fixes that enhance the Adobe Commerce or Magento Open Source 2.4.4 deployment. It provides fixes for vulnerabilities identified in the Adobe Commerce and Magento Open Source 2.4.4 release.
One of the fixes in both security releases includes the creation of a new configuration setting. The Require email confirmation if email has been changed configuration setting lets administrators require email confirmation when an admin user changes their email address.
Apply AC-3022.patch to continue offering DHL as a shipping carrier
DHL has introduced schema version 6.2 and will deprecate schema version 6.0 soon. Adobe Commerce 2.4.4 and earlier versions that allow DHL integration support only version 6.0. Merchants deploying these releases should apply AC-3022.patch at their earliest convenience to continue offering DHL as a shipping carrier.
These patches are vital for both Adobe Commerce and Magento Open Source.
These patches fix vulnerabilities in Magento and are marked as critical. As an Adobe Solutions partner, we highly recommend applying them to your Adobe Commerce or Magento store at the earliest. Connect with an eCommerce expert now!