ГлавнаяУязвимости → CVE-2023-6921
9.8критическая

CVE-2023-6921

→ есть в БДУ: BDU:2024-00304 (на русском)
Описание (на английском; русское — в БДУ выше)

Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data extraction and modification. This attack is possible via command insertion in one of the cookies.

Затрагиваемое ПО
Prestashow Google integrator
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert.pl/en/posts/2024/01/CVE-2023-6921/https://cert.pl/posts/2024/01/CVE-2023-6921/https://prestashow.pl/pl/moduly-prestashop/28-prestashop-google-integrator-ga4-gtm-ads-remarketing.htmlhttps://cert.pl/en/posts/2024/01/CVE-2023-6921/https://cert.pl/posts/2024/01/CVE-2023-6921/https://prestashow.pl/pl/moduly-prestashop/28-prestashop-google-integrator-ga4-gtm-ads-remarketing.html