Al Brookbanks

CubeCart 6.1.4 Released

Recommended Posts

A security directory traversal vulnerability has been discovered in all version of CubeCart version 6. CubeCart version 6.1.4 has been release which patches this.

We recommend that all merchants upgrade to 6.1.4 or patch their store as soon as possible. 

Manual Patch: https://github.com/cubecart/v6/commit/8f1ec4e87c58e60e7fd865eabc6a1ab2b721729c
Download: CubeCart-6.1.4.zip

We would like to pass on our warm thanks to all the staff at Japan Computer Emergency Response Team (JPCERT) Coordination Center for discovering this issue and for handling it so professionally. 

Share this post


Link to post
Share on other sites