CVE-2023-48188

Name of the Vulnerable Software and Affected Versions PrestaShop opartdevis versions 4.5.18 through 4.6.12

Description A SQL injection issue allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function. This enables the attacker to potentially access and manipulate sensitive data.

Recommendations For PrestaShop opartdevis versions 4.5.18 through 4.6.12, as a temporary workaround, consider disabling the getModuleTranslation function until a patch is available. Restrict access to the module to minimize the risk of exploitation. Avoid using the vulnerable function in scripts until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.