CVE-2023-6921

Name of the Vulnerable Software and Affected Versions PrestaShop (affected versions not specified) PrestaShow Google Integrator (PrestaShop addon) (affected versions not specified)

Description The issue is related to a Blind SQL Injection vulnerability in the PrestaShow Google Integrator addon for PrestaShop. This vulnerability allows an attacker to extract and modify data by inserting commands into one of the cookies. The vulnerability can be exploited remotely.

Recommendations For PrestaShop, consider restricting access to the PrestaShow Google Integrator addon until a patch is available. For PrestaShow Google Integrator (PrestaShop addon), avoid using the vulnerable cookie parameter until the issue is resolved. As a temporary workaround, consider disabling the PrestaShow Google Integrator addon until a patch is available.