Vulnerabilities > CVE-2020-15102 - Missing Authorization vulnerability in Prestashop Dashboard products

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
prestashop
CWE-862

Summary

In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration. The problem is fixed in 2.1.0.

Common Weakness Enumeration (CWE)