Skip to content

v2.34.0
Compare
Choose a tag to compare
@Marvin-Magmodules Marvin-Magmodules released this 30 Jan 12:37
· 226 commits to master since this release
v2.34.0
ac30d84
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Features:

  • Support for payment links in PWAs

Bugfixes:

  • Return the correct type for the webapi
  • Validate the order id by the payment token

Minimum requirements:

  • Magento 2.3.3 & PHP 7.3

Investigation uncovered a potential vulnerability that allowed the restoration of order quotes for canceled guest orders through specific modifications to the redirect URL. To address this, additional validation has been implemented to enhance security and prevent exploitation of this loophole.

Assets 2
Loading