Количество 2
Количество 2
CVE-2024-34717
PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available.
GHSA-7pjr-2rgh-fc5g
Anonymous PrestaShop customer can download other customers' invoices
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-34717 PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available. | CVSS3: 5.3 | 0% Низкий | больше 1 года назад |
| GHSA-7pjr-2rgh-fc5g Anonymous PrestaShop customer can download other customers' invoices | CVSS3: 5.3 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу