Maxime Morel

Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 8.2.1 PrestaShop version 8.2.2 PrestaShop version 8.2.3 Description: An issue exists in the `controllers/admin/AdminLoginController.php` file that allows attackers to gain sensitive information via the password reset feature. This allows for the enumeration of Back Office accounts remotely without requiring login credentials. Recommendations: Upgrade to version 8.2.3. Upgrade to version 8.2.1 or later.