First published: Tue Mar 21 2023(Updated: )
The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Eo Tags | >=1.2.0<1.4.19 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-27570 is a vulnerability in the eo_tags package before version 1.4.19 for PrestaShop that allows SQL injection via a crafted _ga cookie.
CVE-2023-27570 has a severity rating of 9.8 (critical).
The eo_tags package before version 1.4.19 for PrestaShop is affected by CVE-2023-27570.
CVE-2023-27570 works by exploiting a SQL injection vulnerability through a crafted _ga cookie.
Yes, the fix for CVE-2023-27570 is to update the eo_tags package to version 1.4.19 or later.