Security Advisory

CVE-2023-39528

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-07 20:35:07

Last updated 2024-10-03 16:13:39

Assigner GitHub_M

State PUBLISHED

Description

PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be used to read any file on the server, potentially even outside of the project if the server is not correctly configured. Version 8.1.1 contains a patch for this issue. There are no known workarounds.

← Browse all CVEs View on cve.org ↗