Magento2 Guide

Magento Commerce and Open Source 2.2.1, 2.1.10 and 2.0.17 contain multiple security enhancements. Cross-Site Scripting (XSS). Local File Inclusion (LFI). Authenticated Admin user remote code execution (RCE)   . Arbitrary File Delete vulnerabilities APPSEC-1325: Stored XSS in Billing Agreements Type                  :          Cross-Site Scripting (XSS, stored) CVSSv3 Severity  :         5.5 (Medium) Known Attacks    :        None Description         :    An administrator with limited privileges can create Billing                                                   Agreements with embedded cross-site scripting elements that                                           can subsequently lead to a stored cross-site scripting attack. Product(s)  Affected             :   Magento Open Source prior to 1.9.3.7, and Magento                                                             Commerce prior to 1.14.3.7, Magento 2.0 prior to 2.0.17,                           

This release includes numerous functional fixes and enhancements. Highlights Look for the following highlights in this release: Integrated Signifyd Fraud Protection is now available in Magento Open Source. See  Signifyd fraud protection  for more information. Ability to implement translations from themes. We’ve also significantly reduced JavaScript-related translation issues. Improvements to how the PayPal Express Checkout payment method processes virtual products. Multiple enhancements to product security. See  Magento Security Center  for more information. Twenty-two community-submitted bug fixes and multiple pull requests. Looking for more information on these new features as well as many others? Check out  Magento 2.2 Developer Documentation . Security enhancements Magento 2.2.1 includes multiple security enhancements. Although this release includes these enhancements, no confirmed attacks related to these issues have occurred to date. However, certain v

Preconditions: I installed Magento 2 with sample data used luma theme for customised right now . Now I'm trying to remove Footer subscriber form  in mycustom theme which I created before.  As I tried to remove it from layout by m2\vendor\magento\theme-frontend-luma\Magento_Theme\layout\default.xml Just need to copy paste      <referenceBlock name="form.subscribe" remove="true" /> if you want to remove footer then you remove block like this.       <referenceBlock name="footer_links" remove="true" /> in above file file  m2\vendor\magento\theme-frontend-luma\Magento_Theme\layout\default.xml default.xml file used to change layout of page if file doesn't exist then you can create your own file <?xml version="1.0"?> <page layout="1column" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"      xsi:noNamespaceSchemaLocation="../../../../

As previously I added bootstrap css file to luma theme . Now I tried to create new theme use blank theme instead of luma theme THIS IS MY WAY TO LEARN : 1. HOW TO DO IT = > HOW IT'S WORK This is first part of my journey how to do it. 1. Create theme directory Firstly,I created folders in m2(my magento 2 folder)/app/design/frontend/Lalit (vendor/namespace) app/design/frontend/                                              ├── <Vendor>/ │   │   ├──…<theme>/ │   │   │   ├── … │   │   │   ├── … compare to this structure I created folder like this  app/design/frontend/ ├── Lalit/ │   │   ├──…MyTheme/ │   │   │   ├── … │   │   │   ├── … 2.   Declare theme/  Create the theme.xml in app/design/frontend/Lalit/MyTheme <theme xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Config/etc/theme.xsd">      <title>Lalit - MyTheme</title> <!-- your theme's name