Unrated severityNVD Advisory· Published Apr 20, 2020· Updated Aug 4, 2024

Improper access control on product page with combinations, attachments and specific prices in PrestaShop

CVE-2020-5293

Description

In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5.

Affected products

Prestashop/Prestashopv5
Range: >= 1.7.0.0, < 1.7.6.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/PrestaShop/PrestaShop/commit/f9f442c87755908e23a6bcba8c443cdea1d78a7fmitrex_refsource_MISC
github.com/PrestaShop/PrestaShop/security/advisories/GHSA-cvjj-grfv-f56wmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000