Magento Security Patch SUPEE-10415 Now Available

Magento has just released the SUPEE-10415 security patch for the following versions:

  • Magento Commerce 1.9.0.0-1.14.3.7 (formerly known as Enterprise Edition)
  • Magento Open Source 1.5.0.0-1.9.3.7 (formerly known as Community Edition)

The patch contains fixed for several security vulnerabilities including cross-site request forgery (CSRF), Denial-of-Service (DoS), and authenticated Admin user remote code execution (RCE).

You can learn more about the patch and download it here: https://magento.com/security/patches/supee-10415

As with all Magento 1 security patches, I'd strongly recommend using the Experius Patch Helper to help you identify any overridden files that will also need to be patched.

Enjoy this article?

About Colin O'Dell

Colin O'Dell

Colin O'Dell is a Lead Software Engineer at SeatGeek. In addition to being an active member of the PHP League and maintainer of the league/commonmark project, Colin is also a PHP docs contributor, conference speaker, and author of the PHP 7 Migration Guide.