First published: Thu Nov 09 2023(Updated: )
### Impact An ajax function in module blockreassurance allows modifying any value in the configuration table ### Patches v5.1.4 ### Workarounds no workaround available ### References
Credit: security-advisories@github.com security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
composer/prestashop/blockreassurance | <=5.1.3 | 5.1.4 |
Prestashop Customer Reassurance Block | <5.1.4 | |
<5.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-47110 is a vulnerability in the blockreassurance module of PrestaShop that allows an employee with access to modify any value in the configuration table.
An employee can exploit CVE-2023-47110 by using the ajax function in the blockreassurance module to modify any value in the configuration table.
Yes, CVE-2023-47110 has been patched in version 5.1.4 of the blockreassurance module.
CVE-2023-47110 has a severity rating of 9.1 (critical).
The Common Weakness Enumeration (CWE) ID of CVE-2023-47110 is 284.