Hey folks, here is an update to this issue I entered as a regular comment to the blog post. Eventually it is necessary to update to PHPMailer 5.2.22 if you use it in your modules/projects: https://oxidforge.org/en/phpmailer-5-2-21-remote-code-execution-oxid-eshop-is-safe.html#comment-2387
Kind regards Marco ________________________________________ From: Marco Steinhaeuser Sent: Thursday, December 29, 2016 9:52 PM To: dev-general@lists.oxidforge.org Subject: PHPMailer < 5.2.21 Remote Code Execution: OXID eShop is safe! Hey folks, you might have heard about the security leak in the PHPMailer library that OXID eShop is using as well. This information was published by some smart-ass in the middle of the holiday season on 25th Dec. Of course we took the notification about it certain as always and investigated. Here are the results: https://oxidforge.org/en/phpmailer-5-2-21-remote-code-execution-oxid-eshop-is-safe.html Have a good start into the New Year! Best Marco
