Advisory for Prestashop | All Versions affected | Assigned CVE-2018-7491 - Development Security Downloads Education | Andmp

This blog is mainly focused on Development, coding,technology and Security. Detailed analysis on most discussed topics on web plus Downloads and PDFs.Books and materials.

Breaking

ad

Post Top Ad

Tuesday, 27 February 2018

Advisory for Prestashop | All Versions affected | Assigned CVE-2018-7491

A UI-Redressing/Clickjacking bug was discovered in all versions of Prestashop that affects both User and Admin interfaces.

This maybe leveraged to perform unintended state changing operations by hijacking only few clicks of an authenticated user/admin.

Discoverer - Arif Khan
CVE ID     - CVE-2018-7491
Product      -Prestashop (all versions)


No comments:

Post a Comment

Your Opinion is Our First Priority

Post Bottom Ad

Pages