Search criteria
69 vulnerabilities by Prestashop
CVE-2026-25597 (GCVE-0-2026-25597)
Vulnerability from cvelistv5 – Published: 2026-02-06 20:47 – Updated: 2026-02-09 15:27
VLAI?
Title
PrestaShop has a time based enumeration in FO login form
Summary
PrestaShop is an open source e-commerce web application. Prior to 8.2.4 and 9.0.3, there is a time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by measuring response times. This vulnerability is fixed in 8.2.4 and 9.0.3.
Severity ?
5.3 (Medium)
CWE
- CWE-208 - Observable Timing Discrepancy
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.2.4
Affected: >= 9.0.0-alpha.1, < 9.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-09T15:22:00.831000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T15:27:54.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.2.4"
},
{
"status": "affected",
"version": "\u003e= 9.0.0-alpha.1, \u003c 9.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Prior to 8.2.4 and 9.0.3, there is a time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by measuring response times. This vulnerability is fixed in 8.2.4 and 9.0.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T20:47:24.793Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-67v7-3g49-mxh2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-67v7-3g49-mxh2"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.2.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.2.4"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/9.0.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/9.0.3"
}
],
"source": {
"advisory": "GHSA-67v7-3g49-mxh2",
"discovery": "UNKNOWN"
},
"title": "PrestaShop has a time based enumeration in FO login form"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25597",
"datePublished": "2026-02-06T20:47:24.793Z",
"dateReserved": "2026-02-03T01:02:46.717Z",
"dateUpdated": "2026-02-09T15:27:54.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1230 (GCVE-0-2025-1230)
Vulnerability from cvelistv5 – Published: 2025-02-12 10:38 – Updated: 2025-02-12 16:07
VLAI?
Title
Cross-Site Scripting (XSS) vulnerability in Prestashop
Summary
Stored Cross-Site Scripting (XSS) vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through ‘/<admin_directory>/index.php’, affecting the ‘link’ parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Prestashop | Prestashop |
Affected:
8.1.7
|
Credits
David Aparicio Salcedo
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T14:56:07.683783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:07:33.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Prestashop",
"vendor": "Prestashop",
"versions": [
{
"status": "affected",
"version": "8.1.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Aparicio Salcedo"
}
],
"datePublic": "2025-02-11T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stored Cross-Site Scripting (XSS) vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through \u2018/\u0026lt;admin_directory\u0026gt;/index.php\u2019, affecting the \u2018link\u2019 parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details."
}
],
"value": "Stored Cross-Site Scripting (XSS) vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through \u2018/\u003cadmin_directory\u003e/index.php\u2019, affecting the \u2018link\u2019 parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cookie session details."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T10:38:08.379Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-vulnerability-prestashop"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The manufacturer is working on a fix for this vulnerability. It is recommended to update to the latest version available."
}
],
"value": "The manufacturer is working on a fix for this vulnerability. It is recommended to update to the latest version available."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross-Site Scripting (XSS) vulnerability in Prestashop",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2025-1230",
"datePublished": "2025-02-12T10:38:08.379Z",
"dateReserved": "2025-02-11T12:01:22.175Z",
"dateUpdated": "2025-02-12T16:07:33.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24027 (GCVE-0-2025-24027)
Vulnerability from cvelistv5 – Published: 2025-01-22 14:26 – Updated: 2025-02-12 20:41
VLAI?
Title
ps_contactinfo has potential XSS due to usage of the nofilter tag in template
Summary
ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions up to and including 3.3.2. This can not be exploited in a fresh install of PrestaShop, only shops made vulnerable by third party modules are concerned. For example, if the shop has a third party module vulnerable to SQL injections, then ps_contactinfo might execute a stored cross-site scripting in formatting objects. Commit d60f9a5634b4fc2d3a8831fb08fe2e1f23cbfa39 keeps formatted addresses from displaying a XSS stored in the database, and the fix is expected to be available in version 3.3.3. No workarounds are available aside from applying the fix and keeping all modules maintained and update.
Severity ?
6.2 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | ps_contactinfo |
Affected:
<= 3.3.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24027",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T16:15:58.253442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:23.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ps_contactinfo",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c= 3.3.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions up to and including 3.3.2. This can not be exploited in a fresh install of PrestaShop, only shops made vulnerable by third party modules are concerned. For example, if the shop has a third party module vulnerable to SQL injections, then ps_contactinfo might execute a stored cross-site scripting in formatting objects. Commit d60f9a5634b4fc2d3a8831fb08fe2e1f23cbfa39 keeps formatted addresses from displaying a XSS stored in the database, and the fix is expected to be available in version 3.3.3. No workarounds are available aside from applying the fix and keeping all modules maintained and update."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T14:26:42.830Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/ps_contactinfo/security/advisories/GHSA-35pq-7pv2-2rfw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/ps_contactinfo/security/advisories/GHSA-35pq-7pv2-2rfw"
},
{
"name": "https://github.com/PrestaShop/ps_contactinfo/commit/d60f9a5634b4fc2d3a8831fb08fe2e1f23cbfa39",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/ps_contactinfo/commit/d60f9a5634b4fc2d3a8831fb08fe2e1f23cbfa39"
}
],
"source": {
"advisory": "GHSA-35pq-7pv2-2rfw",
"discovery": "UNKNOWN"
},
"title": "ps_contactinfo has potential XSS due to usage of the nofilter tag in template"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24027",
"datePublished": "2025-01-22T14:26:42.830Z",
"dateReserved": "2025-01-16T17:31:06.460Z",
"dateUpdated": "2025-02-12T20:41:23.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34717 (GCVE-0-2024-34717)
Vulnerability from cvelistv5 – Published: 2024-05-14 15:47 – Updated: 2024-08-02 02:59
VLAI?
Title
Anonymous PrestaShop customer can download other customers' invoices
Summary
PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
= 8.1.5
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:prestashop:prestashop:8.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prestashop",
"vendor": "prestashop",
"versions": [
{
"lessThan": "8.1.6",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T13:22:48.091893Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:41:41.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:59:22.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "= 8.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T15:47:27.265Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-7pjr-2rgh-fc5g"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6"
}
],
"source": {
"advisory": "GHSA-7pjr-2rgh-fc5g",
"discovery": "UNKNOWN"
},
"title": "Anonymous PrestaShop customer can download other customers\u0027 invoices"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34717",
"datePublished": "2024-05-14T15:47:27.265Z",
"dateReserved": "2024-05-07T13:53:00.134Z",
"dateUpdated": "2024-08-02T02:59:22.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34716 (GCVE-0-2024-34716)
Vulnerability from cvelistv5 – Published: 2024-05-14 15:45 – Updated: 2024-08-02 02:59
VLAI?
Title
PrestaShop vulnerable to XSS via customer contact form in FO, through file upload
Summary
PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be executed when an admin opens the attached file in back office. The script injected can access the session and the security token, which allows it to perform any authenticated action in the scope of the administrator's right. This vulnerability is patched in 8.1.6. A workaround is to disable the customer-thread feature-flag.
Severity ?
9.7 (Critical)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 8.1.0, < 8.1.6
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prestashop",
"vendor": "prestashop",
"versions": [
{
"lessThan": "8.1.6",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T20:41:38.434859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T20:43:10.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:59:22.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.1.0, \u003c 8.1.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be executed when an admin opens the attached file in back office. The script injected can access the session and the security token, which allows it to perform any authenticated action in the scope of the administrator\u0027s right. This vulnerability is patched in 8.1.6. A workaround is to disable the customer-thread feature-flag."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.7,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T15:45:45.345Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/8.1.6"
}
],
"source": {
"advisory": "GHSA-45vm-3j38-7p78",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to XSS via customer contact form in FO, through file upload"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-34716",
"datePublished": "2024-05-14T15:45:45.345Z",
"dateReserved": "2024-05-07T13:53:00.134Z",
"dateUpdated": "2024-08-02T02:59:22.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-26129 (GCVE-0-2024-26129)
Vulnerability from cvelistv5 – Published: 2024-02-19 21:59 – Updated: 2024-08-01 23:59
VLAI?
Title
Prestashop vulnerable to path disclosure in JavaScript variable
Summary
PrestaShop is an open-source e-commerce platform. Starting in version 8.1.0 and prior to version 8.1.4, PrestaShop is vulnerable to path disclosure in a JavaScript variable. A patch is available in version 8.1.4.
Severity ?
5.8 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 8.1.0, < 8.1.4
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:prestashop:prestashop:8.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prestashop",
"vendor": "prestashop",
"versions": [
{
"lessThan": "8.1.4",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T19:38:34.924222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T16:43:47.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5"
},
{
"name": "https://owasp.org/www-community/attacks/Full_Path_Disclosure",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://owasp.org/www-community/attacks/Full_Path_Disclosure"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.1.0, \u003c 8.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open-source e-commerce platform. Starting in version 8.1.0 and prior to version 8.1.4, PrestaShop is vulnerable to path disclosure in a JavaScript variable. A patch is available in version 8.1.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-19T21:59:54.426Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5"
},
{
"name": "https://owasp.org/www-community/attacks/Full_Path_Disclosure",
"tags": [
"x_refsource_MISC"
],
"url": "https://owasp.org/www-community/attacks/Full_Path_Disclosure"
}
],
"source": {
"advisory": "GHSA-3366-9287-7qpr",
"discovery": "UNKNOWN"
},
"title": "Prestashop vulnerable to path disclosure in JavaScript variable"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26129",
"datePublished": "2024-02-19T21:59:54.426Z",
"dateReserved": "2024-02-14T17:40:03.687Z",
"dateUpdated": "2024-08-01T23:59:32.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21628 (GCVE-0-2024-21628)
Vulnerability from cvelistv5 – Published: 2024-01-02 21:17 – Updated: 2024-11-14 19:10
VLAI?
Title
XSS can be stored in DB from "add a message form" in order detail page (FO)
Summary
PrestaShop is an open-source e-commerce platform. Prior to version 8.1.3, the isCleanHtml method is not used on this this form, which makes it possible to store a cross-site scripting payload in the database. The impact is low because the HTML is not interpreted in BO, thanks to twig's escape mechanism. In FO, the cross-site scripting attack is effective, but only impacts the customer sending it, or the customer session from which it was sent. This issue affects those who have a module fetching these messages from the DB and displaying it without escaping HTML. Version 8.1.3 contains a patch for this issue.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:35.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-vr7m-r9vm-m4wf",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-vr7m-r9vm-m4wf"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/c3d78b7e49f5fe49a9d07725c3174d005deaa597",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/c3d78b7e49f5fe49a9d07725c3174d005deaa597"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-16T16:32:28.268211Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T19:10:16.008Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open-source e-commerce platform. Prior to version 8.1.3, the isCleanHtml method is not used on this this form, which makes it possible to store a cross-site scripting payload in the database. The impact is low because the HTML is not interpreted in BO, thanks to twig\u0027s escape mechanism. In FO, the cross-site scripting attack is effective, but only impacts the customer sending it, or the customer session from which it was sent. This issue affects those who have a module fetching these messages from the DB and displaying it without escaping HTML. Version 8.1.3 contains a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T21:17:14.733Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-vr7m-r9vm-m4wf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-vr7m-r9vm-m4wf"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/c3d78b7e49f5fe49a9d07725c3174d005deaa597",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/c3d78b7e49f5fe49a9d07725c3174d005deaa597"
}
],
"source": {
"advisory": "GHSA-vr7m-r9vm-m4wf",
"discovery": "UNKNOWN"
},
"title": "XSS can be stored in DB from \"add a message form\" in order detail page (FO)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21628",
"datePublished": "2024-01-02T21:17:14.733Z",
"dateReserved": "2023-12-29T03:00:44.954Z",
"dateUpdated": "2024-11-14T19:10:16.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21627 (GCVE-0-2024-21627)
Vulnerability from cvelistv5 – Published: 2024-01-02 21:03 – Updated: 2025-06-03 14:45
VLAI?
Title
Some attribute not escaped in Validate::isCleanHTML method
Summary
PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the `isCleanHTML` method. Some modules using the `isCleanHTML` method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this issue. The best workaround is to use the `HTMLPurifier` library to sanitize html input coming from users. The library is already available as a dependency in the PrestaShop project. Beware though that in legacy object models, fields of `HTML` type will call `isCleanHTML`.
Severity ?
8.1 (High)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 8.0.0, < 8.1.3
Affected: < 1.7.8.11 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xgpm-q3mq-46rq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xgpm-q3mq-46rq"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/73cfb44666818eefd501b526a894fe884dd12129",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/73cfb44666818eefd501b526a894fe884dd12129"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/ba06d18466df5b92cb841d504cc7210121104883",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/ba06d18466df5b92cb841d504cc7210121104883"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:48:20.023420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:45:21.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.1.3"
},
{
"status": "affected",
"version": "\u003c 1.7.8.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the `isCleanHTML` method. Some modules using the `isCleanHTML` method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this issue. The best workaround is to use the `HTMLPurifier` library to sanitize html input coming from users. The library is already available as a dependency in the PrestaShop project. Beware though that in legacy object models, fields of `HTML` type will call `isCleanHTML`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T21:03:17.816Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xgpm-q3mq-46rq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xgpm-q3mq-46rq"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/73cfb44666818eefd501b526a894fe884dd12129",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/73cfb44666818eefd501b526a894fe884dd12129"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/ba06d18466df5b92cb841d504cc7210121104883",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/ba06d18466df5b92cb841d504cc7210121104883"
}
],
"source": {
"advisory": "GHSA-xgpm-q3mq-46rq",
"discovery": "UNKNOWN"
},
"title": "Some attribute not escaped in Validate::isCleanHTML method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21627",
"datePublished": "2024-01-02T21:03:17.816Z",
"dateReserved": "2023-12-29T03:00:44.954Z",
"dateUpdated": "2025-06-03T14:45:21.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47110 (GCVE-0-2023-47110)
Vulnerability from cvelistv5 – Published: 2023-11-09 15:24 – Updated: 2024-09-04 13:17
VLAI?
Title
Any value can be changed in the configuration table by an employee having access to block reassurance module
Summary
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4.
Severity ?
9.1 (Critical)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | blockreassurance |
Affected:
<= 5.1.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:01:22.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-xfm3-hjcc-gv78",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-xfm3-hjcc-gv78"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47110",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T13:11:05.299453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T13:17:49.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "blockreassurance",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-09T15:24:15.247Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-xfm3-hjcc-gv78",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-xfm3-hjcc-gv78"
}
],
"source": {
"advisory": "GHSA-xfm3-hjcc-gv78",
"discovery": "UNKNOWN"
},
"title": "Any value can be changed in the configuration table by an employee having access to block reassurance module "
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47110",
"datePublished": "2023-11-09T15:24:15.247Z",
"dateReserved": "2023-10-30T19:57:51.673Z",
"dateUpdated": "2024-09-04T13:17:49.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47109 (GCVE-0-2023-47109)
Vulnerability from cvelistv5 – Published: 2023-11-08 21:37 – Updated: 2024-09-04 14:04
VLAI?
Title
PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
Summary
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing index.php for example. This issue has been patched in version 5.1.4.
Severity ?
5.5 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | blockreassurance |
Affected:
<= 5.1.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:01:22.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-83j2-qhx2-p7jc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-83j2-qhx2-p7jc"
},
{
"name": "https://github.com/PrestaShop/blockreassurance/commit/2d0e97bebf795690caffe33c1ab23a9bf43fcdfa",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockreassurance/commit/2d0e97bebf795690caffe33c1ab23a9bf43fcdfa"
},
{
"name": "https://github.com/PrestaShop/blockreassurance/commit/eec00da564db4c1804b0a0d1e3d9f7ec4e27d823",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockreassurance/commit/eec00da564db4c1804b0a0d1e3d9f7ec4e27d823"
},
{
"name": "https://github.com/PrestaShop/blockreassurance/releases/tag/v5.1.4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockreassurance/releases/tag/v5.1.4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T14:00:51.221248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T14:04:42.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "blockreassurance",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c= 5.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing index.php for example. This issue has been patched in version 5.1.4.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-08T21:37:53.660Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-83j2-qhx2-p7jc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-83j2-qhx2-p7jc"
},
{
"name": "https://github.com/PrestaShop/blockreassurance/commit/2d0e97bebf795690caffe33c1ab23a9bf43fcdfa",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/blockreassurance/commit/2d0e97bebf795690caffe33c1ab23a9bf43fcdfa"
},
{
"name": "https://github.com/PrestaShop/blockreassurance/commit/eec00da564db4c1804b0a0d1e3d9f7ec4e27d823",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/blockreassurance/commit/eec00da564db4c1804b0a0d1e3d9f7ec4e27d823"
},
{
"name": "https://github.com/PrestaShop/blockreassurance/releases/tag/v5.1.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/blockreassurance/releases/tag/v5.1.4"
}
],
"source": {
"advisory": "GHSA-83j2-qhx2-p7jc",
"discovery": "UNKNOWN"
},
"title": "PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47109",
"datePublished": "2023-11-08T21:37:53.660Z",
"dateReserved": "2023-10-30T19:57:51.673Z",
"dateUpdated": "2024-09-04T14:04:42.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43664 (GCVE-0-2023-43664)
Vulnerability from cvelistv5 – Published: 2023-09-28 18:16 – Updated: 2024-09-20 19:26
VLAI?
Title
Employee without any access rights can list all installed modules in Prestashop
Summary
PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method `ajaxProcessGetPossibleHookingListForModule` doesn't check access rights. This issue has been addressed in commit `15bd281c` which is included in version 8.1.2. Users are advised to upgrade. There are no known workaround for this issue.
Severity ?
4.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43664",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T17:48:03.346969Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T19:26:46.506Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method `ajaxProcessGetPossibleHookingListForModule` doesn\u0027t check access rights. This issue has been addressed in commit `15bd281c` which is included in version 8.1.2. Users are advised to upgrade. There are no known workaround for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-28T18:16:57.658Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gvrg-62jp-rf7j"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/15bd281c18f032a5134a8d213b44d24829d45762"
}
],
"source": {
"advisory": "GHSA-gvrg-62jp-rf7j",
"discovery": "UNKNOWN"
},
"title": "Employee without any access rights can list all installed modules in Prestashop"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-43664",
"datePublished": "2023-09-28T18:16:57.658Z",
"dateReserved": "2023-09-20T15:35:38.148Z",
"dateUpdated": "2024-09-20T19:26:46.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43663 (GCVE-0-2023-43663)
Vulnerability from cvelistv5 – Published: 2023-09-28 18:13 – Updated: 2024-09-20 19:32
VLAI?
Title
Improper Privilege Management in Prestashop
Summary
PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit `ce1f6708` addresses this issue and is included in version 8.1.2. Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
6.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T17:48:09.994728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T19:32:29.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit `ce1f6708` addresses this issue and is included in version 8.1.2. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-28T18:13:49.216Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-6jmf-2pfc-q9m7"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/ce1f67083537194e974caf86c57e547a0aaa46cd"
}
],
"source": {
"advisory": "GHSA-6jmf-2pfc-q9m7",
"discovery": "UNKNOWN"
},
"title": "Improper Privilege Management in Prestashop"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-43663",
"datePublished": "2023-09-28T18:13:49.216Z",
"dateReserved": "2023-09-20T15:35:38.148Z",
"dateUpdated": "2024-09-20T19:32:29.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-45448 (GCVE-0-2022-45448)
Vulnerability from cvelistv5 – Published: 2023-09-20 12:14 – Updated: 2024-09-06 14:11
VLAI?
Title
Cross-site Scripting in M4 PDF plugin for Prestashop sites
Summary
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to an arbitrary HTML Document crafting vulnerability. The resource /m4pdf/pdf.php uses templates to dynamically create documents. In the case that the template does not exist, the application will return a fixed document with a message in mpdf format. An attacker could exploit this vulnerability by inputting a valid HTML/CSS document as the value of the parameter.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Prestashop | M4 PDF plugin |
Affected:
0 , ≤ 3.2.3
(custom)
|
Credits
Francisco Díaz-Pache Alonso
David Álvarez Robles
Sergio Corral Cristo
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:17:00.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-m4-pdf-plugin-prestashop-sites"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-45448",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T14:07:39.984141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:11:51.047Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "M4 PDF plugin",
"vendor": "Prestashop",
"versions": [
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Francisco D\u00edaz-Pache Alonso"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David \u00c1lvarez Robles"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sergio Corral Cristo"
}
],
"datePublic": "2023-02-21T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to an arbitrary HTML Document crafting vulnerability. The resource /m4pdf/pdf.php uses templates to dynamically create documents. In the case that the template does not exist, the application will return a fixed document with a message in mpdf format. An attacker could exploit this vulnerability by inputting a valid HTML/CSS document as the value of the parameter."
}
],
"value": "M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to an arbitrary HTML Document crafting vulnerability. The resource /m4pdf/pdf.php uses templates to dynamically create documents. In the case that the template does not exist, the application will return a fixed document with a message in mpdf format. An attacker could exploit this vulnerability by inputting a valid HTML/CSS document as the value of the parameter."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T12:14:58.361Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-m4-pdf-plugin-prestashop-sites"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross-site Scripting in M4 PDF plugin for Prestashop sites",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2022-45448",
"datePublished": "2023-09-20T12:14:58.361Z",
"dateReserved": "2022-11-16T14:09:55.998Z",
"dateUpdated": "2024-09-06T14:11:51.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-45447 (GCVE-0-2022-45447)
Vulnerability from cvelistv5 – Published: 2023-09-20 09:30 – Updated: 2024-09-06 14:12
VLAI?
Title
Path Traversal in M4 PDF plugin for Prestashop sites
Summary
M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The “f” parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could download /etc/passwd from the server if the file exists.
Severity ?
6.5 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Prestashop | M4 PDF plugin |
Affected:
0 , ≤ 3.2.3
(custom)
|
Credits
Francisco Díaz-Pache Alonso
David Álvarez Robles
Sergio Corral Cristo
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:09:57.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-m4-pdf-plugin-prestashop-sites"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-45447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T14:07:30.472198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:12:13.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "M4 PDF plugin",
"vendor": "Prestashop",
"versions": [
{
"lessThanOrEqual": "3.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Francisco D\u00edaz-Pache Alonso"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David \u00c1lvarez Robles"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sergio Corral Cristo"
}
],
"datePublic": "2023-02-21T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The \u201cf\u201d parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could download /etc/passwd from the server if the file exists."
}
],
"value": "M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. The \u201cf\u201d parameter is not properly checked in the resource /m4pdf/pdf.php, returning any file given its relative path. An attacker that exploits this vulnerability could download /etc/passwd from the server if the file exists."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-20T09:30:09.498Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-m4-pdf-plugin-prestashop-sites"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Path Traversal in M4 PDF plugin for Prestashop sites",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2022-45447",
"datePublished": "2023-09-20T09:30:09.498Z",
"dateReserved": "2022-11-16T14:09:55.998Z",
"dateUpdated": "2024-09-06T14:12:13.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39530 (GCVE-0-2023-39530)
Vulnerability from cvelistv5 – Published: 2023-08-07 20:51 – Updated: 2024-10-08 17:34
VLAI?
Title
PrestaShop vulnerable to file deletion via CustomerMessage
Summary
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the server via the CustomerMessage API. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
Severity ?
6.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-v4gr-v679-42p7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-v4gr-v679-42p7"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/6ce750b2367a7309b6bf50166f1873cb86ad57e9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/6ce750b2367a7309b6bf50166f1873cb86ad57e9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:33:05.071464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:34:13.109Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the server via the CustomerMessage API. Version 8.1.1 contains a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T20:51:52.155Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-v4gr-v679-42p7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-v4gr-v679-42p7"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/6ce750b2367a7309b6bf50166f1873cb86ad57e9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/6ce750b2367a7309b6bf50166f1873cb86ad57e9"
}
],
"source": {
"advisory": "GHSA-v4gr-v679-42p7",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to file deletion via CustomerMessage"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39530",
"datePublished": "2023-08-07T20:51:52.155Z",
"dateReserved": "2023-08-03T16:27:36.263Z",
"dateUpdated": "2024-10-08T17:34:13.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39529 (GCVE-0-2023-39529)
Vulnerability from cvelistv5 – Published: 2023-08-07 20:37 – Updated: 2024-10-03 16:10
VLAI?
Title
PrestaShop vulnerable to file deletion via attachment API
Summary
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the server by using the Attachments controller and the Attachments API. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
Severity ?
6.7 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-2rf5-3fw8-qm47",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-2rf5-3fw8-qm47"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/b08c647305dc1e9e6a2445b724d13a9733b6ed82",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/b08c647305dc1e9e6a2445b724d13a9733b6ed82"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39529",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T16:01:08.643622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T16:10:35.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the server by using the Attachments controller and the Attachments API. Version 8.1.1 contains a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T20:37:15.946Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-2rf5-3fw8-qm47",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-2rf5-3fw8-qm47"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/b08c647305dc1e9e6a2445b724d13a9733b6ed82",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/b08c647305dc1e9e6a2445b724d13a9733b6ed82"
}
],
"source": {
"advisory": "GHSA-2rf5-3fw8-qm47",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to file deletion via attachment API"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39529",
"datePublished": "2023-08-07T20:37:15.946Z",
"dateReserved": "2023-08-03T16:27:36.263Z",
"dateUpdated": "2024-10-03T16:10:35.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39528 (GCVE-0-2023-39528)
Vulnerability from cvelistv5 – Published: 2023-08-07 20:35 – Updated: 2024-10-03 16:13
VLAI?
Title
PrestaShop vulnerable to file reading through path traversal
Summary
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be used to read any file on the server, potentially even outside of the project if the server is not correctly configured. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
Severity ?
6.8 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hpf4-v7v2-95p2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hpf4-v7v2-95p2"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/11de3a84322fa4ecd0995ac40d575db61804724c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/11de3a84322fa4ecd0995ac40d575db61804724c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T16:01:14.621866Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T16:13:39.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be used to read any file on the server, potentially even outside of the project if the server is not correctly configured. Version 8.1.1 contains a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T20:35:07.663Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hpf4-v7v2-95p2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hpf4-v7v2-95p2"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/11de3a84322fa4ecd0995ac40d575db61804724c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/11de3a84322fa4ecd0995ac40d575db61804724c"
}
],
"source": {
"advisory": "GHSA-hpf4-v7v2-95p2",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to file reading through path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39528",
"datePublished": "2023-08-07T20:35:07.663Z",
"dateReserved": "2023-08-03T16:27:36.263Z",
"dateUpdated": "2024-10-03T16:13:39.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39527 (GCVE-0-2023-39527)
Vulnerability from cvelistv5 – Published: 2023-08-07 20:32 – Updated: 2024-10-03 16:15
VLAI?
Title
PrestaShop XSS vulnerability through Validate::isCleanHTML method
Summary
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.
Severity ?
8.3 (High)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 1.7.8.10
Affected: >= 8.0.0, < 8.0.5 Affected: = 8.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xw2r-f8xv-c8xp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xw2r-f8xv-c8xp"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/afc14f8eaa058b3e6a20ac43e033ee2656fb88b4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/afc14f8eaa058b3e6a20ac43e033ee2656fb88b4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39527",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T16:01:22.952352Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T16:15:18.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.8.10"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.5"
},
{
"status": "affected",
"version": "= 8.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T20:32:45.203Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xw2r-f8xv-c8xp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xw2r-f8xv-c8xp"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/afc14f8eaa058b3e6a20ac43e033ee2656fb88b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/afc14f8eaa058b3e6a20ac43e033ee2656fb88b4"
}
],
"source": {
"advisory": "GHSA-xw2r-f8xv-c8xp",
"discovery": "UNKNOWN"
},
"title": "PrestaShop XSS vulnerability through Validate::isCleanHTML method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39527",
"datePublished": "2023-08-07T20:32:45.203Z",
"dateReserved": "2023-08-03T16:27:36.263Z",
"dateUpdated": "2024-10-03T16:15:18.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39526 (GCVE-0-2023-39526)
Vulnerability from cvelistv5 – Published: 2023-08-07 20:28 – Updated: 2024-10-10 19:06
VLAI?
Title
PrestaShopSQL manager vulnerability (potential RCE)
Summary
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.
Severity ?
9.1 (Critical)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 1.7.8.10
Affected: >= 8.0.0, < 8.0.5 Affected: = 8.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pc"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T19:05:56.644433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T19:06:10.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.8.10"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.5"
},
{
"status": "affected",
"version": "= 8.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T20:28:59.051Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pc"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09"
}
],
"source": {
"advisory": "GHSA-gf46-prm4-56pc",
"discovery": "UNKNOWN"
},
"title": "PrestaShopSQL manager vulnerability (potential RCE)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39526",
"datePublished": "2023-08-07T20:28:59.051Z",
"dateReserved": "2023-08-03T16:27:36.262Z",
"dateUpdated": "2024-10-10T19:06:10.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39525 (GCVE-0-2023-39525)
Vulnerability from cvelistv5 – Published: 2023-08-07 20:23 – Updated: 2024-10-03 16:20
VLAI?
Title
PrestaShop vulnerable to path traversal
Summary
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the traversal path. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
Severity ?
6.5 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-m9r4-3fg7-pqm2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-m9r4-3fg7-pqm2"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/c7c9a5110421bb2856f4d312ecce192d079b5ec7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/c7c9a5110421bb2856f4d312ecce192d079b5ec7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39525",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T16:19:54.665845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T16:20:05.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the traversal path. Version 8.1.1 contains a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T20:23:53.884Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-m9r4-3fg7-pqm2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-m9r4-3fg7-pqm2"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/c7c9a5110421bb2856f4d312ecce192d079b5ec7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/c7c9a5110421bb2856f4d312ecce192d079b5ec7"
}
],
"source": {
"advisory": "GHSA-m9r4-3fg7-pqm2",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39525",
"datePublished": "2023-08-07T20:23:53.884Z",
"dateReserved": "2023-08-03T16:27:36.262Z",
"dateUpdated": "2024-10-03T16:20:05.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39524 (GCVE-0-2023-39524)
Vulnerability from cvelistv5 – Published: 2023-08-07 19:48 – Updated: 2024-10-03 16:20
VLAI?
Title
PrestaShop vulnerable to boolean SQL injection in search product in BO
Summary
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search field, in BO's product page. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
Severity ?
6.7 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 8.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:10:21.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-75p5-jwx4-qw9h",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-75p5-jwx4-qw9h"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/2047d4c053043102bc46a37d383b392704bf14d7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/2047d4c053043102bc46a37d383b392704bf14d7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39524",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T16:20:18.446579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T16:20:27.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 8.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search field, in BO\u0027s product page. Version 8.1.1 contains a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-07T19:48:21.994Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-75p5-jwx4-qw9h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-75p5-jwx4-qw9h"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/2047d4c053043102bc46a37d383b392704bf14d7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/2047d4c053043102bc46a37d383b392704bf14d7"
}
],
"source": {
"advisory": "GHSA-75p5-jwx4-qw9h",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to boolean SQL injection in search product in BO"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-39524",
"datePublished": "2023-08-07T19:48:21.994Z",
"dateReserved": "2023-08-03T16:27:36.262Z",
"dateUpdated": "2024-10-03T16:20:27.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30839 (GCVE-0-2023-30839)
Vulnerability from cvelistv5 – Published: 2023-04-25 18:41 – Updated: 2025-02-03 18:08
VLAI?
Title
PrestaShop vulnerable to SQL filter bypass leading to arbitrary write requests using "SQL Manager"
Summary
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds.
Severity ?
10 (Critical)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 8.0.0, < 8.0.4
Affected: < 1.7.8.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-p379-cxqh-q822",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-p379-cxqh-q822"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30839",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T18:07:54.375956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T18:08:09.963Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.4"
},
{
"status": "affected",
"version": "\u003c 1.7.8.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T18:41:38.777Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-p379-cxqh-q822",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-p379-cxqh-q822"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149"
}
],
"source": {
"advisory": "GHSA-p379-cxqh-q822",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to SQL filter bypass leading to arbitrary write requests using \"SQL Manager\""
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-30839",
"datePublished": "2023-04-25T18:41:38.777Z",
"dateReserved": "2023-04-18T16:13:15.880Z",
"dateUpdated": "2025-02-03T18:08:09.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30838 (GCVE-0-2023-30838)
Vulnerability from cvelistv5 – Published: 2023-04-25 18:22 – Updated: 2025-02-03 19:34
VLAI?
Title
PrestaShop vulnerable to possible XSS injection through Validate::isCleanHTML method
Summary
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, the `ValidateCore::isCleanHTML()` method of Prestashop misses hijackable events which can lead to cross-site scripting (XSS) injection, allowed by the presence of pre-setup `@keyframes` methods. This XSS, which hijacks HTML attributes, can be triggered without any interaction by the visitor/administrator, which makes it as dangerous as a trivial XSS attack. Contrary to other attacks which target HTML attributes and are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope. Versions 8.0.4 and 1.7.8.9 contain a fix for this issue.
Severity ?
8.6 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 8.0.0, < 8.0.4
Affected: < 1.7.8.9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fh7r-996q-gvcp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fh7r-996q-gvcp"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/46408ae4b02f3b8b1bb6e9dc63af5bcd858abd9c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/46408ae4b02f3b8b1bb6e9dc63af5bcd858abd9c"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/dc682192df0e4b0d656a8e645b29ca1b9dbe3693",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/dc682192df0e4b0d656a8e645b29ca1b9dbe3693"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30838",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T19:34:44.162026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T19:34:54.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.4"
},
{
"status": "affected",
"version": "\u003c 1.7.8.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, the `ValidateCore::isCleanHTML()` method of Prestashop misses hijackable events which can lead to cross-site scripting (XSS) injection, allowed by the presence of pre-setup `@keyframes` methods. This XSS, which hijacks HTML attributes, can be triggered without any interaction by the visitor/administrator, which makes it as dangerous as a trivial XSS attack. Contrary to other attacks which target HTML attributes and are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope. Versions 8.0.4 and 1.7.8.9 contain a fix for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T18:22:54.521Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fh7r-996q-gvcp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fh7r-996q-gvcp"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/46408ae4b02f3b8b1bb6e9dc63af5bcd858abd9c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/46408ae4b02f3b8b1bb6e9dc63af5bcd858abd9c"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/dc682192df0e4b0d656a8e645b29ca1b9dbe3693",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/dc682192df0e4b0d656a8e645b29ca1b9dbe3693"
}
],
"source": {
"advisory": "GHSA-fh7r-996q-gvcp",
"discovery": "UNKNOWN"
},
"title": "PrestaShop vulnerable to possible XSS injection through Validate::isCleanHTML method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-30838",
"datePublished": "2023-04-25T18:22:54.521Z",
"dateReserved": "2023-04-18T16:13:15.879Z",
"dateUpdated": "2025-02-03T19:34:54.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30545 (GCVE-0-2023-30545)
Vulnerability from cvelistv5 – Published: 2023-04-25 17:47 – Updated: 2025-02-03 19:36
VLAI?
Title
PrestaShop arbitrary file read vulnerability
Summary
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager (Advanced Options -> Database) to arbitrarily read any file on the operating system when using SQL function `LOAD_FILE` in a `SELECT` request. This gives the user access to critical information. A patch is available in PrestaShop 8.0.4 and PS 1.7.8.9
Severity ?
7.7 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 1.7.8.9
Affected: >= 8.0.0, < 8.0.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:28:51.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-8r4m-5p6p-52rp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-8r4m-5p6p-52rp"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/cddac4198a47c602878a787280d813f60c6c0630",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/cddac4198a47c602878a787280d813f60c6c0630"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/d900806e1841a31f26ff0a1843a6888fc1bb7f81",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/d900806e1841a31f26ff0a1843a6888fc1bb7f81"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T19:36:12.172162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T19:36:21.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.8.9"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager (Advanced Options -\u003e Database) to arbitrarily read any file on the operating system when using SQL function `LOAD_FILE` in a `SELECT` request. This gives the user access to critical information. A patch is available in PrestaShop 8.0.4 and PS 1.7.8.9\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T17:47:01.579Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-8r4m-5p6p-52rp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-8r4m-5p6p-52rp"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/cddac4198a47c602878a787280d813f60c6c0630",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/cddac4198a47c602878a787280d813f60c6c0630"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/d900806e1841a31f26ff0a1843a6888fc1bb7f81",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/d900806e1841a31f26ff0a1843a6888fc1bb7f81"
}
],
"source": {
"advisory": "GHSA-8r4m-5p6p-52rp",
"discovery": "UNKNOWN"
},
"title": "PrestaShop arbitrary file read vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-30545",
"datePublished": "2023-04-25T17:47:01.579Z",
"dateReserved": "2023-04-12T15:19:33.767Z",
"dateUpdated": "2025-02-03T19:36:21.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25170 (GCVE-0-2023-25170)
Vulnerability from cvelistv5 – Published: 2023-03-13 16:55 – Updated: 2025-02-25 14:58
VLAI?
Title
PrestaShop has possible CSRF token fixation
Summary
PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). When authenticating users, PrestaShop preserves session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. The problem is fixed in version 8.0.1.
Severity ?
5 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 1.7.0.0, < 8.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:35.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3g43-x7qr-96ph",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3g43-x7qr-96ph"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-25T14:29:46.050816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-25T14:58:36.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.7.0.0, \u003c 8.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). When authenticating users, PrestaShop preserves session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. The problem is fixed in version 8.0.1.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-13T16:55:24.523Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3g43-x7qr-96ph",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3g43-x7qr-96ph"
}
],
"source": {
"advisory": "GHSA-3g43-x7qr-96ph",
"discovery": "UNKNOWN"
},
"title": "PrestaShop has possible CSRF token fixation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-25170",
"datePublished": "2023-03-13T16:55:24.523Z",
"dateReserved": "2023-02-03T16:59:18.246Z",
"dateUpdated": "2025-02-25T14:58:36.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46158 (GCVE-0-2022-46158)
Vulnerability from cvelistv5 – Published: 2022-12-08 21:50 – Updated: 2025-04-23 16:30
VLAI?
Title
Potential Information exposure in the upload directory in PrestaShop
Summary
PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
< 1.7.8.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-9qgp-9wwc-v29r",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-9qgp-9wwc-v29r"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/8684d429fb7c3bb51efb098e8b92a1fd2958f8cf",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/8684d429fb7c3bb51efb098e8b92a1fd2958f8cf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:47:57.898181Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:30:45.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.8.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-08T21:50:44.155Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-9qgp-9wwc-v29r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-9qgp-9wwc-v29r"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/8684d429fb7c3bb51efb098e8b92a1fd2958f8cf",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/8684d429fb7c3bb51efb098e8b92a1fd2958f8cf"
}
],
"source": {
"advisory": "GHSA-9qgp-9wwc-v29r",
"discovery": "UNKNOWN"
},
"title": "Potential Information exposure in the upload directory in PrestaShop"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-46158",
"datePublished": "2022-12-08T21:50:44.155Z",
"dateReserved": "2022-11-28T17:27:19.997Z",
"dateUpdated": "2025-04-23T16:30:45.764Z",
"requesterUserId": "c184a3d9-dc98-4c48-a45b-d2d88cf0ac74",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35933 (GCVE-0-2022-35933)
Vulnerability from cvelistv5 – Published: 2022-09-02 19:30 – Updated: 2025-04-23 17:32
VLAI?
Title
PrestaShop module Product Comments vulnerable to cross-site scripting (XSS)
Summary
This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2.
Severity ?
4.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | productcomments |
Affected:
< 5.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:51:59.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/productcomments/security/advisories/GHSA-prrh-qvhf-x788"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/productcomments/commit/314456d739155aa71f0b235827e8e0f24b97c26b"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35933",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:01:32.762241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:32:24.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "productcomments",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003c 5.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator\u0027s cookie. The issue is fixed in version 5.0.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-02T19:30:14.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/productcomments/security/advisories/GHSA-prrh-qvhf-x788"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/productcomments/commit/314456d739155aa71f0b235827e8e0f24b97c26b"
}
],
"source": {
"advisory": "GHSA-prrh-qvhf-x788",
"discovery": "UNKNOWN"
},
"title": "PrestaShop module Product Comments vulnerable to cross-site scripting (XSS)",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-35933",
"STATE": "PUBLIC",
"TITLE": "PrestaShop module Product Comments vulnerable to cross-site scripting (XSS)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "productcomments",
"version": {
"version_data": [
{
"version_value": "\u003c 5.0.2"
}
]
}
}
]
},
"vendor_name": "PrestaShop"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator\u0027s cookie. The issue is fixed in version 5.0.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PrestaShop/productcomments/security/advisories/GHSA-prrh-qvhf-x788",
"refsource": "CONFIRM",
"url": "https://github.com/PrestaShop/productcomments/security/advisories/GHSA-prrh-qvhf-x788"
},
{
"name": "https://github.com/PrestaShop/productcomments/commit/314456d739155aa71f0b235827e8e0f24b97c26b",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/productcomments/commit/314456d739155aa71f0b235827e8e0f24b97c26b"
}
]
},
"source": {
"advisory": "GHSA-prrh-qvhf-x788",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-35933",
"datePublished": "2022-09-02T19:30:14.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:32:24.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31181 (GCVE-0-2022-31181)
Vulnerability from cvelistv5 – Published: 2022-08-01 19:30 – Updated: 2025-04-23 17:56
VLAI?
Title
Remote code execution in prestashop
Summary
PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature.
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 1.6.0.10, < 1.7.8.7
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/b6d96e7c2a4e35a44e96ffbcdfd34439b56af804"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:48:50.998040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:56:10.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.6.0.10, \u003c 1.7.8.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP\u0027s Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T19:30:16.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/b6d96e7c2a4e35a44e96ffbcdfd34439b56af804"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.7"
}
],
"source": {
"advisory": "GHSA-hrgx-p36p-89q4",
"discovery": "UNKNOWN"
},
"title": "Remote code execution in prestashop",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31181",
"STATE": "PUBLIC",
"TITLE": "Remote code execution in prestashop"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PrestaShop",
"version": {
"version_data": [
{
"version_value": "\u003e= 1.6.0.10, \u003c 1.7.8.7"
}
]
}
}
]
},
"vendor_name": "PrestaShop"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP\u0027s Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4",
"refsource": "CONFIRM",
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/b6d96e7c2a4e35a44e96ffbcdfd34439b56af804",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/commit/b6d96e7c2a4e35a44e96ffbcdfd34439b56af804"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.7",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.7"
}
]
},
"source": {
"advisory": "GHSA-hrgx-p36p-89q4",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31181",
"datePublished": "2022-08-01T19:30:16.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:56:10.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31101 (GCVE-0-2022-31101)
Vulnerability from cvelistv5 – Published: 2022-06-27 22:15 – Updated: 2025-04-22 17:53
VLAI?
Title
SQL Injection in prestashop/blockwishlist
Summary
prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
8.1 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | blockwishlist |
Affected:
>= 2.0.0, < 2.1.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockwishlist/security/advisories/GHSA-2jx3-5j9v-prpp"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/blockwishlist/commit/b3ec4b85af5fd73f74d55390b226d221298ca084"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168003/Prestashop-Blockwishlist-2.1.0-SQL-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31101",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:42:56.432256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T17:53:16.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "blockwishlist",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "prestashop/blockwishlist is a prestashop extension which adds a block containing the customer\u0027s wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T17:06:56.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/blockwishlist/security/advisories/GHSA-2jx3-5j9v-prpp"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/blockwishlist/commit/b3ec4b85af5fd73f74d55390b226d221298ca084"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/168003/Prestashop-Blockwishlist-2.1.0-SQL-Injection.html"
}
],
"source": {
"advisory": "GHSA-2jx3-5j9v-prpp",
"discovery": "UNKNOWN"
},
"title": "SQL Injection in prestashop/blockwishlist",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31101",
"STATE": "PUBLIC",
"TITLE": "SQL Injection in prestashop/blockwishlist"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "blockwishlist",
"version": {
"version_data": [
{
"version_value": "\u003e= 2.0.0, \u003c 2.1.1"
}
]
}
}
]
},
"vendor_name": "PrestaShop"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "prestashop/blockwishlist is a prestashop extension which adds a block containing the customer\u0027s wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PrestaShop/blockwishlist/security/advisories/GHSA-2jx3-5j9v-prpp",
"refsource": "CONFIRM",
"url": "https://github.com/PrestaShop/blockwishlist/security/advisories/GHSA-2jx3-5j9v-prpp"
},
{
"name": "https://github.com/PrestaShop/blockwishlist/commit/b3ec4b85af5fd73f74d55390b226d221298ca084",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/blockwishlist/commit/b3ec4b85af5fd73f74d55390b226d221298ca084"
},
{
"name": "http://packetstormsecurity.com/files/168003/Prestashop-Blockwishlist-2.1.0-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/168003/Prestashop-Blockwishlist-2.1.0-SQL-Injection.html"
}
]
},
"source": {
"advisory": "GHSA-2jx3-5j9v-prpp",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31101",
"datePublished": "2022-06-27T22:15:20.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-22T17:53:16.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21686 (GCVE-0-2022-21686)
Vulnerability from cvelistv5 – Published: 2022-01-26 20:10 – Updated: 2025-04-23 19:09
VLAI?
Title
Server Side Twig Template Injection in PrestaShop
Summary
PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds.
Severity ?
9 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PrestaShop | PrestaShop |
Affected:
>= 1.7.0.0, < 1.7.8.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:46:39.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mrq4-7ch7-2465"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/d02b469ec365822e6a9f017e57f588966248bf21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-21686",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:56:49.163569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:09:07.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PrestaShop",
"vendor": "PrestaShop",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.7.0.0, \u003c 1.7.8.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-26T20:10:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mrq4-7ch7-2465"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/commit/d02b469ec365822e6a9f017e57f588966248bf21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.3"
}
],
"source": {
"advisory": "GHSA-mrq4-7ch7-2465",
"discovery": "UNKNOWN"
},
"title": "Server Side Twig Template Injection in PrestaShop",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-21686",
"STATE": "PUBLIC",
"TITLE": "Server Side Twig Template Injection in PrestaShop"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PrestaShop",
"version": {
"version_data": [
{
"version_value": "\u003e= 1.7.0.0, \u003c 1.7.8.3"
}
]
}
}
]
},
"vendor_name": "PrestaShop"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mrq4-7ch7-2465",
"refsource": "CONFIRM",
"url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mrq4-7ch7-2465"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/commit/d02b469ec365822e6a9f017e57f588966248bf21",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/commit/d02b469ec365822e6a9f017e57f588966248bf21"
},
{
"name": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.3",
"refsource": "MISC",
"url": "https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.3"
}
]
},
"source": {
"advisory": "GHSA-mrq4-7ch7-2465",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-21686",
"datePublished": "2022-01-26T20:10:10.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2025-04-23T19:09:07.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}