Security Advisory

CVE-2024-34717

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-14 15:47:27

Last updated 2024-08-02 02:59:22

Assigner GitHub_M

State PUBLISHED

Description

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available.

← Browse all CVEs View on cve.org ↗