Cybersecurity Insights

Kirsty Trainer

New Magento Patch: SUPEE-6788

10/11/15 10:54

Magento Update: Magento has announced a new patch available for Magento Community versions older than and Magento Enterprise versions older than

What does this Magento Patch address?

Magento Patch, Magento SecurityThis patch is designed to tackle multiple Magento security issues and vulnerabilities, and is in fact made up of a number of smaller patches. Some of these include:

  • Cross site scripting vulnerabilities
  • Information disclosure vulnerabilities
  • Addressing possible SQL Injections

What do I need to do?

If you own or run a Magento installation, we recommend that you install this patch as soon as possible in order to prevent any possible exploits. 

  • Magento Enterprise Clients: Log in to your Magento account to access the EE version of the patch. 
  • Magento Community: Access the Primary Download Page


Magento has stated that in order to address some of these security issues, this patch may affect performance or access to some 3rd party extensions and plugins. Many developers are aware of this and are amending their plugins accordingly, but as a precaution there is a compatibility mode within SUPEE-6788 that limits the effectiveness of this patch. This is called the 'Admin Routing Compatibility Mode', which is turned 'on' by default.

You must turn off 'Admin Routing Compatibility Mode' under 'Admin > Security' to enable all features of this patch. 

If you have any questions or are concerned with the security of your website, please contact our expert security team. 

Contact Us


Ewan Gardner
Serious Vulnerability Discovered in Adminer database Administration Tool
18/01/19 17:19

Foregenix are warning all their partners this morning about a vulnerability discovered in the ...

Read More
Ewan Gardner
Anatomy Of A Magento Attack: Froghopper
07/08/17 14:51

  Magento is the most popular eCommerce web application in the world, with an estimated 236,000 ...

Read More