mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
841 B
841 B
CVE-2024-34717
Description
PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available.
POC
Reference
No PoCs from references.