I create websites, applications and e-commerce solutions at Unleashed Technologies. When I'm not solving tough problems for clients or working on open-source projects, you can find me speaking at conferences all around the world. In my free time, I also like to tinker with Arduino and home automation.
Back in November I released colinodell/json5 - a JSON5 parser for PHP. It's essentially a drop-in replacement for PHP's
json_decode() function, but it allows things like comments, trailing commas, and more.
Fast forward to this weekend when I received the following bug report from a user named Antonio:
Magento has just released the SUPEE-10415 security patch for the following versions:
- Magento Commerce 184.108.40.206-220.127.116.11 (formerly known as Enterprise Edition)
- Magento Open Source 18.104.22.168-22.214.171.124 (formerly known as Community Edition)
The patch contains fixed for several security vulnerabilities including cross-site request forgery (CSRF), Denial-of-Service (DoS), and authenticated Admin user remote code execution (RCE).