Our developers have found a serious security vulnerability in CS-Cart. The identified vulnerability could allow malicious users to gain access to sensitive information in your online store or marketplace. Our team has already addressed this issue in CS-Cart version 4.17.2 SP1. We are not disclosing more details, because to our knowledge, the vulnerability hasn’t been exploited yet.
There are two ways to close the vulnerability:
If you are using CS-Cart 4.17.2, the upgrade to version 4.17.2 SP1 is already available in your Upgrade Center.
If you are using an older version and can’t upgrade, you can still fix the problem.
Go to the File Area in the Help Desk 2, open the Updates folder and find the “
Security Fixes (January 2024) for 4.0.1 — 4.17.2” add-on. Download it and
install the add-on using our instructions.
This patch is a must-have and we strongly recommend closing this vulnerability as soon as possible.