Magento a publié un patch de sécurité, qu’il est important de mettre en place
This patch resolves a remote code execution vulnerability that enables an attacker with Magento administrator privileges to delete files and directories on a Magento installation. This vulnerability was discovered through our quarterly penetration testing process and has not been reported by merchants.
Il concerne les versions CE (jusqu’à 1.7.0.2) et EE (jusqu’à 1.13.0.2).
Rendez-vous ici pour le télécharger et ici pour apprendre comment appliquer un patch