First published: Mon Apr 20 2020(Updated: )
In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper access control on customers search. The problem is fixed in 1.7.6.5.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Prestashop | >1.5.5.0<1.7.6.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this PrestaShop vulnerability is CVE-2020-5287.
The severity level of CVE-2020-5287 is medium (6.5).
CVE-2020-5287 affects PrestaShop versions between 1.5.5.0 and 1.7.6.5.
The fix for CVE-2020-5287 is included in version 1.7.6.5 of PrestaShop.
Yes, you can find references for CVE-2020-5287 at the following links: [Link 1](https://github.com/PrestaShop/PrestaShop/commit/27e49d89808f1d76eb909a595f344a6739bc0b52) and [Link 2](https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-r6rp-6gv6-r9hq).