Hire an Agile Team for your business

Create your own agile squad with experienced members for your business.

Connect with Experts

POODLE Vulnerability Discovery Affecting Zen Cart Stores Accepting PayPal

Last Updated on Oct 15, 2014 by Jeff Lew

PayPal has fixed a vulnerability in their payment system due to POODLE by removing the CURL SSL Option. All stores that accept PayPal are affected and will not be able to take payment via the PayPal modules unless the following code change is made:

Open includes/modules/payment/paypal/paypal_curl.php and find line 59:
CURLOPT_SSLVERSION => 3,

Change to:
//CURLOPT_SSLVERSION => 3,

If you need assistance with making this code change, please contact [email protected] and we’ll correct the issue for you today.

Update: this affects any script that uses the CURLOPT_SSLVERSION option and the recommended fix is to comment out that line completely from all scripts (i.e. PayPal, Authorize.net, Linkpoint, USPS, etc).

One thought on “POODLE Vulnerability Discovery Affecting Zen Cart Stores Accepting PayPal

  1. hi

    We are using zen cart we got mail for paypal (28) SSL connection timeout in connection and we found the your page and we used but i getting the same of (28) SSL connection timeout could you please us

    Regards
    Murugan


Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Account Cart Search Cart Open Menu Arrow Link Arrow Chat Close Close Popup Facebook Twitter Google Plus linkedin2 POODLE Vulnerability Discovery Affecting Zen Cart Stores Accepting PayPal - Numinix Blog