Prestashop 1.7.6.5 is released
Hi All, Prestashop 1.7.6.5 is available. Some fixes in backend, frontend and security are done. Make sure to upgrade to latest version in order to get a stable and secure eShop. If you have any question on upgrade, please feel free to let us know.
Main fixes
Below are listed the 7 regressions that were found and fixed in this version, impacting both front-office and back-office.
Front-office regressions:
- When editing an address both in the customer account and checkout, a new address was created instead of replacing it
- Canonical redirects for products with combinations no longer worked, which could cause duplicate content
Back-office regressions:
- When adding a cart rule to an order from the back-office, the value discount was not correct
- Searching a category with the quick search no longer redirected to the category edition page –
- The help card was no longer displayed on view order and new employee pages –
- In the customer view page, the number of “last emails” was incorrect –
- It was not possible to access the translation interface for the Serbian language –
Security fixes
Some security fixes have been included in this patch version to ensure an improved core reliability. Thanks a lot to Rabhi for finding a lot of these issues !
Improper access controls:
- on product page with combinations, attachments and specific prices
- on product attributes page
- on customers search
- on several other pages
Reflected XSS:
- related in import page (security advisory)
- with back parameter (security advisory)
- on Exception page (security advisory)
- on AdminCarts page (security advisory)
- on Search page (security advisory)
- on dashboard calendar (security advisory)
- on AdminFeatures page (security advisor)
- on AdminAttributesGroups page (security advisory)
- in security compromised page (security advisory)
Open redirection:
- with the back parameter (security advisory)
A few security issues have also been fixed on native modules:
- Faceted Search – Reflected XSS with url_name parameter (security advisory)
- Social follow – Reflected XSS with social networks fields (security advisory)
- Link List – Stored XSS on back office edit page (security advisory) and stored XSS with custom URLs (security advisory)
More information about why it’s important to update:
The detail please look at the following link
https://build.prestashop.com/news/prestashop-1-7-6-5-maintenance-release/
Related Post
ManyChat Customer Chat Setup
Deprecated: Function create_function() is deprecated in /opt/lampp/htdocs/genkiware/wp-content/themes/optima/single.php on line 185
Customer Chat Growth Tool is for your website and convert…
Which big data framework to choose?
Deprecated: Function create_function() is deprecated in /opt/lampp/htdocs/genkiware/wp-content/themes/optima/single.php on line 185
A quick glance at the marketplace scenarioEach Hadoop and Spark…
There are no reviews yet.