exploitDog

CVE-2024-24304

Опубликовано: 07 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

In the module "Mailjet" (mailjet) from Mailjet for PrestaShop before versions 3.5.1, a guest can download technical information without restriction.

Ссылки

https://github.com/mailjet/prestashop-mailjet-plugin-apiv3/releases/tag/v3.5.1
Release Notes
https://security.friendsofpresta.org/modules/2024/02/06/mailjet.html
Patch
Third Party Advisory
https://github.com/mailjet/prestashop-mailjet-plugin-apiv3/releases/tag/v3.5.1
Release Notes
https://security.friendsofpresta.org/modules/2024/02/06/mailjet.html
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sinch:mailjet:*:*:*:*:*:prestashop:*:*

Версия до 3.5.1 (исключая)

EPSS

Процентиль: 31%

0.00121

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-200

Связанные уязвимости

GHSA-rj43-7hfm-whrc

CVSS3: 7.5

github

около 2 лет назад

In the module "Mailjet" (mailjet) from Mailjet for PrestaShop before versions 3.5.1, a guest can download technical information without restriction.

EPSS

Процентиль: 31%

0.00121

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-200