Description
In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5.
Remediation
References
Related Vulnerabilities
WordPress Plugin Responsive WordPress Slider-Avartan Slider Lite Cross-Site Scripting (1.4)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4608)
Moodle Other Vulnerability (CVE-2012-2366)
TYPO3 Inadequate Encryption Strength Vulnerability (CVE-2010-3670)
WordPress Plugin Appointments Cross-Site Scripting (2.2.2.2)