← volver
CVE-2020-15079

Improper access control in PrestaShop

CVSS 6.4 MEDIUMEPSS 0.6%CWE-284
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Productos afectados
PrestaShop · PrestaShop

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/PrestaShop/PrestaShop/commit/8833d9504cc5d69a2a6d10197f56f0c11443cbfahttps://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xp3x-3h8q-c386