Low severity3.7NVD Advisory· Published Sep 8, 2025· Updated Jun 17, 2026
CVE-2025-51586
CVE-2025-51586
Description
An issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive information via the reset password feature.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
prestashop/prestashopPackagist | < 8.2.3 | 8.2.3 |
Affected products
3- osv-coords2 versions
< 8.2.1+ 1 more
- (no CPE)range: < 8.2.1
- (no CPE)range: < 8.2.3
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-8xx5-h6m3-jr33ghsaADVISORY
- maxime-morel.github.io/advisories/2025/CVE-2025-51586.mdnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2025-51586ghsaADVISORY
- build.prestashop-project.org/news/2025/prestashop-8-2-3-security-releaseghsaWEB
- github.com/PrestaShop/PrestaShop/commit/c97bdf10f77fedbe5a61a1dec5f96b3abb1d76fbghsaWEB
- github.com/PrestaShop/PrestaShop/releases/tag/8.2.1nvdRelease NotesWEB
- github.com/PrestaShop/PrestaShop/releases/tag/8.2.3ghsaWEB
- github.com/PrestaShop/PrestaShop/security/advisories/GHSA-8xx5-h6m3-jr33ghsaWEB
- prestashop.comghsaWEB
- prestashop.comnvdProduct
News mentions
0No linked articles in our index yet.