Vulnerabilities > Prestashop > Correos Express > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-27 | CVE-2020-12120 | Incorrect Permission Assignment for Critical Resource vulnerability in Prestashop Correos Express 1.6/1.6.0.4/1.7 The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. | 7.5 |