MEDIUM 5.8
GHSA-3366-9287-7qpr
Path disclosure in JavaScript variable
Details
### Impact Path disclosure in JavaScript variable
### Patches Patch in PrestaShop 8.1.4
### References https://owasp.org/www-community/attacks/Full_Path_Disclosure
Thanks to https://github.com/hugo-fasone
Are you affected?
Enter the version of the package you're using.
Affected packages
Packagist / prestashop/prestashop
Introduced in:
8.1.0 Fixed in: 8.1.4 Fix
composer require prestashop/prestashop:^8.1.4 References
- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr [WEB]
- https://nvd.nist.gov/vuln/detail/CVE-2024-26129 [ADVISORY]
- https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5 [WEB]
- https://github.com/PrestaShop/PrestaShop [PACKAGE]
- https://owasp.org/www-community/attacks/Full_Path_Disclosure [WEB]