VDB
KO
CRITICAL 9.9

GHSA-p379-cxqh-q822

SQL filter bypass leading to arbitrary write requests using "SQL Manager"

Details

### Impact SQL filtering vulnerability, a BO user can write, update and delete in the database, even without having specific rights.

### Patches PrestaShop 8.0.4 and 1.7.8.9 will contain the patch.

### Workarounds no

### References no

Are you affected?

Enter the version of the package you're using.

Affected packages

Packagist / prestashop/prestashop
Introduced in: 8.0.0 Fixed in: 8.0.4
Fix composer require prestashop/prestashop:^8.0.4
Packagist / prestashop/prestashop
Introduced in: 0 Fixed in: 1.7.8.9
Fix composer require prestashop/prestashop:^1.7.8.9

References