CVE-2023-26859

CVE-2023-26859

EPSS 0.6%

SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://addons.prestashop.com/en/newsletter-sms/8300-sendinblue-all-in-one-marketing-tool.html https://security.friendsofpresta.org/modules/2023/07/25/sendinblue.html