Security News > 2015 > August > Mildly Interesting Security Stuff: Magento Bug Bounty 1 2: CSRF to code execution and Post-auth RCE via object injection (Reddit)