What’s new in Prestashop

in Prestashop News on April 21, 2020

Main Fixes

This maintenance release is a bit special as it does not only fix regressions found on version to, but it also has put a focus on fixing many security issues, from 1.5, 1.6 and 1.7 versions. This is a result of a huge work on security which has been started a few weeks ago to ensure more security on the PrestaShop software. In the near future, PrestaShop will focus more and more on security to ensure that no security breaches, even minor ones such as permission issues, are left out in the core.

Below are listed the 7 regressions that were found and fixed in this version, impacting both front-office and back-office.

Front-office regressions:

  • When editing an address both in the customer account and checkout, a new address was created instead of replacing it – #18100 and #18072
  • Canonical redirects for products with combinations no longer worked, which could cause duplicate content #18279

Back-office regressions:

  • When adding a cart rule to an order from the back-office, the value discount was not correct #18630
  • Searching a category with the quick search no longer redirected to the category edition page – #17908
  • The help card was no longer displayed on view order and new employee pages – #18279 and #18615
  • In the customer view page, the number of “last emails” was incorrect – #18602
  • It was not possible to access the translation interface for the Serbian language – #18062

Security Fixes

Some security fixes have been included in this patch version to ensure an improved core reliability. Thanks a lot to Rabhi for finding a lot of these issues !

Improper access controls:

Reflected XSS:

Open redirection:

A few security issues have also been fixed on native modules:

More information about why it’s important to update:

Share Your Valuable Opinions