Prestashop
Monthly
Prestashop versions up to 8.2.4 contains a vulnerability that allows attackers to determine whether a customer account exists in the system by measuring response (CVSS 5.3).
An issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive information via the reset password feature. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
PrestaShop is an open-source e-commerce platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
PrestaShop is an open-source e-commerce platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Prestashop versions up to 8.2.4 contains a vulnerability that allows attackers to determine whether a customer account exists in the system by measuring response (CVSS 5.3).
An issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive information via the reset password feature. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
PrestaShop is an open-source e-commerce platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
PrestaShop is an open-source e-commerce platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.