prestashop/blockreassurance Security Advisories for v1.0.6 (2)
-
[CRITICAL] Any value can be changed in the configuration table by an employee having access to block reassurance module
PKSA-ttsb-qbvj-d24g CVE-2023-47110 GHSA-xfm3-hjcc-gv78
Affected version: <=5.1.3
Reported by:
GitHub -
[MEDIUM] PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
PKSA-k4jh-ypfz-vr5c CVE-2023-47109 GHSA-83j2-qhx2-p7jc
Affected version: <=5.1.3
Reported by:
GitHub