Kto94

**Name of the Vulnerable Software and Affected Versions** PrestaShop versions prior to 8.1.1 **Description** The issue allows an attacker to delete a file from the server by utilizing the Attachments controller and the Attachments API. There are no known workarounds for this issue. **Recommendations** For PrestaShop versions prior to 8.1.1, update to version 8.1.1 to resolve the issue. As a temporary workaround, consider restricting access to the Attachments controller and the Attachments API until the update is applied.

**Name of the Vulnerable Software and Affected Versions** PrestaShop versions prior to 8.1.1 **Description** The issue allows deletion of files from the server via the `CustomerMessage` API. There are no known workarounds for this problem. **Recommendations** For versions prior to 8.1.1, update to version 8.1.1 to resolve the issue. As a temporary workaround, consider restricting access to the `CustomerMessage` API until the update is applied.