In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5.
References
Link | Resource |
---|---|
https://github.com/PrestaShop/PrestaShop/commit/f9f442c87755908e23a6bcba8c443cdea1d78a7f | Patch Third Party Advisory |
https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-cvjj-grfv-f56w | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2020-04-20T16:55:17
Updated: 2020-04-20T16:55:17
Reserved: 2020-01-02T00:00:00
Link: CVE-2020-5293
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-20T17:15:16.320
Modified: 2020-04-27T17:47:31.873
Link: CVE-2020-5293
JSON object: View
Redhat Information
No data.