CVE-2022-46158

PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue.
Configurations

Configuration 1 (hide)

cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:*

History

07 Jul 2023, 19:02

Type Values Removed Values Added
CWE CWE-200 CWE-862

Information

Published : 2022-12-08 22:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-46158

Mitre link : CVE-2022-46158

CVE.ORG link : CVE-2022-46158


JSON object : View

Products Affected

prestashop

  • prestashop
CWE
CWE-862

Missing Authorization

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor