Security
-
https://github.com/DeployEcommerce/module-trojan-order-prevent
This is a Magento 2 extension that prevents billing/shipping addresses being saved via the API with known trojan order strings. This is not a fix for CVE-2022-24086 but an additional layer of protection for merchants.
20 Aug 2024
-
https://www.yireo.com/blog/2024-08-02-magento-and-hyva-checkout-and-csp
For some time now, Magento has been shipping with a CSP module, in general for security reasons but more specifically for PCI compliance. Magento 2.4.7-p1 changed the game and Hyvä is as-of-yet not compatible with these new changes. But there are solutions.
02 Aug 2024
