Insecure permissions vulnerability was discovered, due to a lack of permissions’s control in scquickaccounting before v3.7.3 from Store Commander for PrestaShop, a guest can access exports from the module which can lead to leak of personnal informations from ps_customer table sush as name / surname / email
References
Link | Resource |
---|---|
https://friends-of-presta.github.io/security-advisories/modules/2023/05/04/scquickaccounting.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-16T00:00:00
Updated: 2023-06-07T00:00:00
Reserved: 2023-04-07T00:00:00
Link: CVE-2023-30281
JSON object: View
NVD Information
Status : Modified
Published: 2023-05-16T20:15:09.323
Modified: 2023-06-07T01:15:39.057
Link: CVE-2023-30281
JSON object: View
Redhat Information
No data.
CWE