PT-2024-21150 · Webbax · Super Newsletter
Published
2024-03-03
·
Updated
2024-08-26
·
CVE-2024-25839
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PrestaShop versions 1.4.21 and earlier
Description
An issue was discovered in the Webbax "Super Newsletter" module, allowing local attackers to escalate privileges and obtain sensitive information.
Recommendations
For PrestaShop versions 1.4.21 and earlier, consider disabling the Webbax "Super Newsletter" module until a patch is available to prevent privilege escalation and sensitive information disclosure.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Super Newsletter