Magento CE (Community Edition) 18.104.22.168
A new version of Magento has been released. Since few security issues have been resolved, we’re considering this a security fix and we recommend all Magento website owners have this upgrade done.
Magento Open Source 22.214.171.124 Release Notes (Magento.com)
This version (or patch SUPEE-10752, which applies to older versions of Magento) provides resolution of multiple critical security issues. These critical security issues include remote code execution, cross-site scripting, and cross-site request forgery issues. We recommend upgrading your Magento store to this latest version. See Magento Security Center for a comprehensive discussion of these issues
Fixed issues and enhancements
– Magento no longer performs unnecessary write operations on the core_url_rewrite table.
– Customers can now successfully register during checkout without being unexpectedly logged out.
– Incorrect escaping in the cron.sh file no longer prevents cron jobs from running in parallel as expected.
– Magento now cleans session data as expected after a customer logs out.
Our Website Maintenance Department will be in contact with our clients regarding this upgrade. If you need this upgrade done on your website, please contact us.