CVE-2012-5800

Name of the Vulnerable Software and Affected Versions PrestaShop (affected versions not specified)

Description The issue concerns a problem with the eBay module in PrestaShop, where it fails to verify the server hostname against the domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. This oversight allows man-in-the-middle attackers to spoof SSL servers by using any valid certificate.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.