Edx just released a security fix for the ecommerce service

The patch removes the public access to the ecommerce catalogue directory and it’s content. A user before the fix can take advantage of the visibility and use any edx course coupons to checkout enrollment seats.

Please see the fix here https://github.com/edx/ecommerce/commit/5ddce0941bc9521bd52b0bd68d531daf04500942

Thanks, and please let us know if you have any questions!

 289 total views