prestashop/prestashop vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the prestashop/prestashop package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Exposure of Sensitive Information to an Unauthorized Actor	>=8.1.5, <8.1.6
C Cross-site Scripting (XSS)	>=8.1.0, <8.1.6
M Cross-site Scripting (XSS)	>=1.7.5.2, <1.7.6.0
M Information Exposure	>=8.1.0, <8.1.4
M Cross-site Scripting	<8.1.3
H Cross-site Scripting	<1.7.8.11>=8.0.0, <8.1.3
M Improper Privilege Management	<8.1.2
M Insecure Permissions	<8.1.2
M SQL Injection	<8.1.1
M Improper Access Control	<8.1.1
H Improper Input Validation	<8.1.1
M Cross-site Scripting (XSS)	<1.7.8.10>=8.0.0, <8.0.5>=8.1.0, <8.1.1
C Arbitrary Code Execution	<1.7.8.10>=8.0.0, <8.0.5>=8.1.0, <8.1.1
M Directory Traversal	<8.1.1
M Improper Access Control	<8.1.1
H Arbitrary Code Injection	<1.7.2.5
H SQL Injection	<1.7.8.9>=8.0.0, <8.0.4
C SQL Injection	<1.7.8.9>=8.0.0, <8.0.4
H Cross-site Scripting (XSS)	<1.7.8.9>=8.0.0, <8.0.4
M Cross-site Request Forgery (CSRF)	<8.0.2
M Information Exposure	<1.7.8.8
H SQL Injection	>=1.6.0.10, <1.7.8.7
C Arbitrary Code Injection	>=1.7.0.0, <1.7.8.3
H SQL Injection	>=1.7.5.0, <1.7.8.2