High severity7.5NVD Advisory· Published Nov 17, 2023· Updated Jun 17, 2026
CVE-2023-45382
CVE-2023-45382
Description
In the module "SoNice Retour" (sonice_retour) up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a guest can perform a path traversal to view all files on the information system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Common-Services/SoNice Retourdescription
- Range: <=2.1.0
Patches
Vulnerability mechanics
References
2- security.friendsofpresta.org/modules/2023/11/16/sonice_retour.htmlnvdThird Party Advisory
- common-services.com/fr/home-fr/nvdProduct
News mentions
0No linked articles in our index yet.