MEDIUM 5.8
GHSA-3366-9287-7qpr
Path disclosure in JavaScript variable
상세
### Impact Path disclosure in JavaScript variable
### Patches Patch in PrestaShop 8.1.4
### References https://owasp.org/www-community/attacks/Full_Path_Disclosure
Thanks to https://github.com/hugo-fasone
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
Packagist / prestashop/prestashop
최초 영향 버전:
8.1.0 수정 버전: 8.1.4 수정
composer require prestashop/prestashop:^8.1.4 참고
- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr [WEB]
- https://nvd.nist.gov/vuln/detail/CVE-2024-26129 [ADVISORY]
- https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5 [WEB]
- https://github.com/PrestaShop/PrestaShop [PACKAGE]
- https://owasp.org/www-community/attacks/Full_Path_Disclosure [WEB]