CVE-2024-25844

Name of the Vulnerable Software and Affected Versions PrestaShop versions prior to 4.1.26

Description An issue in the Common-Services "So Flexibilite" (soflexibilite) module allows remote attackers to escalate privileges and obtain sensitive information via a debug file.

Recommendations For versions prior to 4.1.26, update to version 4.1.26 or later to resolve the issue. As a temporary workaround, consider disabling the debug file functionality in the "So Flexibilite" module until a patch is applied.