Vulnerabilities > CVE-2020-15079 - Unspecified vulnerability in Prestashop
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6
Vulnerable Configurations
References
- https://github.com/PrestaShop/PrestaShop/commit/8833d9504cc5d69a2a6d10197f56f0c11443cbfa
- https://github.com/PrestaShop/PrestaShop/commit/8833d9504cc5d69a2a6d10197f56f0c11443cbfa
- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xp3x-3h8q-c386
- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-xp3x-3h8q-c386