recently a new security update for the store system Magento was released. The patch SUPEE-10888 closes several security holes which could be abused by cross-site scripting (XSS) and cross-site request forgery (CSRF). We strongly recommend to apply the PATCH or to update Magento to the latest version.Magento Commerce (Enterprise): Upgrade to 1.14.3.10Magento Open Source: Upgrade to 1.9.3.10Please note that security vulnerabilities can compromise customer data or your store and server. The damage from this can mean the downtime of your store and server for days. Please also read the article: Apply Magento security patch.
