Magento Patches Critical SQL Injection and RCE Vulnerabilities

Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

Link: https://threatpost.com/magento-xss-csrf-rce-vulnerabilities/143274/