PT-2026-39555 · Packagist · Prestashop Checkout

Publicado

2026-04-30

·

Atualizado

2026-04-30

CVSS v4.0

2.7

Baixa

VetorAV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U

Impact

Unvalidated parameter can lead to some unauthorized method invocation with very little possibilities.

Patches

The problem has been patched in versions
  • v5.3.0 for PrestaShop 1.7 (build number: 7.5.3.0)
  • v5.3.0 for PrestaShop 8 (build number: 8.5.3.0)
  • v5.3.0 for PrestaShop 9 (build number: 9.5.3.0)
Read the [Versioning policy](https://github.com/PrestaShopCorp/ps checkout/wiki/Versioning) to learn more about the build numbers.

Credits

PrestaShop thanks PATICEO for reporting the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

GHSA-MQQ7-WXX5-MP8H

Produtos afetados

Prestashop Checkout