A serious RCE (remote code execution) vulnerability has been discovered in Magento. The vulnerability exists in 1.9.1.0 CE and 1.14.1.0 EE (the latest version as of this writing). Full details of the vulnerability can be found on the Check Point web site. We urge all customers running Magento to apply patch SUPEE-5344.
Tags: Magento