Unrated severityNVD Advisory· Published Jul 2, 2020· Updated Aug 4, 2024
External control of configuration setting in the dashboard in PrestaShop
CVE-2020-15082
Description
In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6
Affected products
2>=1.6.0.1, <1.7.6.6+ 1 more
- (no CPE)range: >=1.6.0.1, <1.7.6.6
- (no CPE)range: >= 1.6.0.1, < 1.7.6.6
Patches
Vulnerability mechanics
References
2- github.com/PrestaShop/PrestaShop/commit/0f0d6238169a79d94f5ef28d24e60a9be8902f4bmitrex_refsource_MISC
- github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mc98-xjm3-c4fmmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.