Description

In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5.

Remediation

References

CVE-2020-5293

Related Vulnerabilities

Moodle CVE-2018-10891 Vulnerability (CVE-2018-10891)

Play Framework Improper Input Validation Vulnerability (CVE-2015-2156)

Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-41306)

WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.7.1)

MySQL CVE-2016-5443 Vulnerability (CVE-2016-5443)

Severity

Medium

Classification

CVE-2020-5293 CWE-863 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities