Description
In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in version 1.7.6.6 A possible workaround is to make sure `composer.json` and `docker-compose.yml` are not accessible on your server.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (7.2.04)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-0231)
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Cross-Site Scripting (2.8.2.2)