First published: Sat Jan 13 2018(Updated: )
PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a "This account does not exist" error message.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Prestashop | =1.7.2.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.