CVE-2023-27570

Name of the Vulnerable Software and Affected Versions eo tags package versions prior to 1.4.19 for PrestaShop

Description The issue allows SQL injection via a crafted ga cookie. This enables potential attackers to inject malicious SQL code, potentially leading to unauthorized access or manipulation of data.

Recommendations For versions prior to 1.4.19, update to version 1.4.19 or later to resolve the issue. As a temporary workaround, consider restricting access to the ga cookie to minimize the risk of exploitation.