← voltar
CVE-2020-15079

Improper access control in PrestaShop

CVSS 6.4 MEDIUMEPSS 0.6%CWE-284
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Produtos afetados
PrestaShop · PrestaShop

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/PrestaShop/PrestaShop/commit/8833d9504cc5d69a2a6d10197f56f0c11443cbfahttps://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xp3x-3h8q-c386