Описание
Path disclosure in JavaScript variable
Impact
Path disclosure in JavaScript variable
Patches
Patch in PrestaShop 8.1.4
References
https://owasp.org/www-community/attacks/Full_Path_Disclosure
Thanks to https://github.com/hugo-fasone
Пакеты
Наименование
prestashop/prestashop
composer
Затронутые версииВерсия исправления
>= 8.1.0, < 8.1.4
8.1.4
Связанные уязвимости
CVSS3: 5.8
nvd
почти 2 года назад
PrestaShop is an open-source e-commerce platform. Starting in version 8.1.0 and prior to version 8.1.4, PrestaShop is vulnerable to path disclosure in a JavaScript variable. A patch is available in version 8.1.4.