Why is BL_CustomGrid not included in the list? #28
Comments
|
I wasn't entirely certain that BL_CustomGrid is vulnerable or that attackers were trying to exploit it. Additional info welcome! |
|
@gwillem Thank you for your response. If I have some time in the near future I will have a look at it to determine if I can find a way to exploit it. I thought you already did so I disabled this module for some clients but did noticed that it was not being reported while enabled at a new clients Magento store. |
|
Does the following link help? https://www.cybersecurity-help.cz/vdb/SB2018102411?affChecked=1 |
|
I can take this. I'm preparing anyways a PR here about one other vuln. Also I'm currently going trough this BL. |
|
Currently working on this, will open PR and publish blog post today. |
Merged
|
Waiting #48 to pass. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It is mentioned in https://gwillem.gitlab.io/2018/10/23/magecart-extension-0days/
The text was updated successfully, but these errors were encountered: