First published: Thu Sep 28 2023(Updated: )
### Impact Any module can be disabled or uninstalled from back office, even with low user right. ### Patches 8.1.2 ### Workarounds none ### References
Credit: security-advisories@github.com security-advisories@github.com security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Prestashop | <8.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-43663.
The impact of CVE-2023-43663 is that any module can be disabled or uninstalled from the back office, even with low user rights.
CVE-2023-43663 affects PrestaShop by allowing low privileged users to disable portions of a shop's functionality.
The severity of CVE-2023-43663 is medium, with a CVSS score of 6.7.
CVE-2023-43663 can be fixed by applying the commit ce1f6708 from the official PrestaShop repository.