Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PrestaShop Vulnerability - CVE-2024-34717 - Vulnerability Database
PrestaShop

PrestaShop Vulnerability - CVE-2024-34717

Medium
Reference: CVE-2024-34717
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-34717
Title: PrestaShop Vulnerability
Overview:

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5 any invoice can be downloaded from front-office in anonymous mode by supplying a random secure_key parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available.