CVE-2020-15082

High

7.1/10

Summary

In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: LOW

References

Advisory Timeline

Published Jul 02, 2020

CVE-2020-15082

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS