Home
User Guide
The information contained in this section applies to IBM WebSphere Commerce Version 7.0.0.9 and Feautre Pack 8. The documentation also applies to all subsequent releases and modifications until otherwise indicated in new editions.
Installing
Review this section for information about installing the WebSphere Commerce product, associated maintenance, and WebSphere Commerce enhancements.
Installing maintenance
WebSphere Commerce maintenance includes installing fix packs, interim fixes (APARs), and cumulative interim fixes.
Interim fixes and cumulative interim fixes
A WebSphere Commerce interim fix (iFix) is a software patch that contains fixes for one or more APARs. A WebSphere Commerce cumulative iFix is a comprehensive collection of interim fixes for a specific release. Both types of fixes are installed with the WebSphere Commerce Update Installer (UPDI).
Additional steps for store or mobile-related interim fixes
Some interim fixes (iFixes) include changes to JSP files that you might have customized. To ensure that your customizations are not overwritten when you install maintenance packages, IBM does not automatically apply the changes to your environment. After you install the fix, you might need to complete additional steps to enable the fix on your environment.
Enabling interim fix JR54267
JR54267 resolves a potential cross-site request forgery (CSRF) vulnerability in WebSphere Commerce REST Services.

Enabling interim fix JR54267

JR54267 resolves a potential cross-site request forgery (CSRF) vulnerability in WebSphere Commerce REST Services.

JR54267 updates the following files in the Aurora.sar archive:

StoreAssetsDir/javascript/CheckoutArea/CheckoutHelper.js
StoreAssetsDir/ShoppingArea/CheckoutSection/CheckoutPaymentAndBillingAddressSummary.jspf
WEB-INF/stores/StoreAssetsDir/data/struts-config-update-common.tpl.xml