Описание
Shoppingfeed PrestaShop is an add-on to the PrestaShop ecommerce platform to synchronize data. The module Shoppingfeed for PrestaShop is vulnerable to SQL injection between version 1.4.0 and 1.8.2 due to a lack of input sanitization. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this issue.
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.4.0 (включая) до 1.8.3 (исключая)
cpe:2.3:a:shoppingfeed:shoppingfeed:*:*:*:*:*:prestashop:*:*
EPSS
Процентиль: 40%
0.00182
Низкий
9.4 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-89
EPSS
Процентиль: 40%
0.00182
Низкий
9.4 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-89