We have just released a security update to the Ecommerce Module
(0.5.3). If you are running the ecommerce module then you are strongly
recommended to upgrade to the 0.5.3 release.
This fix has been applied to both the 0.5.2 branch and the trunk of
ecommerce so If you have been using an svn checkout of either of these
you just need to run an svn update on your projects as soon as
possible to secure your installation.
Download:
http://silverstripe.org/assets/modules/stable/ecommerce-v0.5.3.tar.gz.
If you wish to raise further security issues please email
secu...@silverstripe.com
Cheers,
Will