Skip to content

Potential Information exposure in the upload directory

Moderate
atomiix published GHSA-9qgp-9wwc-v29r Dec 8, 2022

Package

composer prestashop/prestashop (Composer)

Affected versions

< 1.7.8.8

Patched versions

1.7.8.8

Description

Impact

Potential Information exposure in the upload directory

Patches

Patch in PrestaShop 1.7.8.8

References

https://capec.mitre.org/data/definitions/87.html

Thanks to DZPATROL

Severity

Moderate
5.3
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE ID

CVE-2022-46158

Weaknesses

No CWEs