PT-2023-22578 · Prestashop · Prestashop Salesbooster
Published
2023-05-30
·
Updated
2025-01-13
·
CVE-2023-30196
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Prestashop salesbooster versions 1.10.4 and earlier
Description
The issue is related to Incorrect Access Control. It affects the "download.php" file in the "modules/salesbooster/downloads" directory.
Recommendations
For Prestashop salesbooster versions 1.10.4 and earlier, update to a version later than 1.10.4 to resolve the issue.
As a temporary workaround, consider restricting access to the "download.php" file in the "modules/salesbooster/downloads" directory until a patch is available.
Fix
Origin Validation Error
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Prestashop Salesbooster