PT-2020-14170 · Prestashop · Prestashop

Matkspublished

·

Published

2020-07-02

·

Updated

2020-07-02

·

CVE-2020-15082

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions PrestaShop versions 1.6.0.1 through 1.7.6.5
Description The issue allows rewriting all configuration variables through the dashboard. The problem is fixed in version 1.7.6.6.
Recommendations For PrestaShop versions 1.6.0.1 through 1.7.6.5, update to version 1.7.6.6 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2020-15082
GHSA-MC98-XJM3-C4FM

Affected Products

Prestashop