← Volver a CVEs
CVE-2023-47110
CRITICAL9.1
Descripcion
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4.
Detalles CVE
Puntuacion CVSS v3.19.1
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado11/9/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
prestashop:customer_reassurance_block
Debilidades (CWE)
CWE-284
Referencias
https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-xfm3-hjcc-gv78(security-advisories@github.com)
https://github.com/PrestaShop/blockreassurance/security/advisories/GHSA-xfm3-hjcc-gv78(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.