Prestashop · Prestashop · CVE-2020-5250
**Name of the Vulnerable Software and Affected Versions**
PrestaShop versions prior to 1.7.6.4
**Description**
The issue allows a customer to modify the `id address` when editing their address, potentially leading to the theft of someone else's address. Similarly, with CustomerForm, a customer can change the `id customer` and alter all information of any account.
**Recommendations**
For versions prior to 1.7.6.4, update to version 1.7.6.4 to resolve the issue. As a temporary workaround, consider restricting access to the address editing form and CustomerForm until the update is applied.