Advisory for Prestashop | All Versions affected | Assigned CVE-2018-7491 - Download Analysis Tips Tricks | Andmp

Detailed analysis on most discussed web topics plus Downloads and PDFs.Books and materials

Breaking

ad

Post Top Ad

Tuesday, 27 February 2018

Advisory for Prestashop | All Versions affected | Assigned CVE-2018-7491

A UI-Redressing/Clickjacking bug was discovered in all versions of Prestashop that affects both User and Admin interfaces.

This maybe leveraged to perform unintended state changing operations by hijacking only few clicks of an authenticated user/admin.

Discoverer - Arif Khan
CVE ID     - CVE-2018-7491
Product      -Prestashop (all versions)


No comments:

Post a Comment

Would love to hear from you ! Found some issues on the page ? Let me know and stand a chance to take part in our bug bounty giveaway !

Post Bottom Ad

Pages