Lucene search
MitreCVE-2023-30195HistoryJul 06, 2023 - 8:15 p.m.
CVE-2023-30195
2023-07-0620:15:09
CWE-862
mitre
web.nvd.nist.gov
11
cve-2023-30195
information exposure
linea grafica
detailed order
prestashop
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
43.5%
In the module “Detailed Order” (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal informations without restriction formatted in json.
Affected configurations
Node
lineagraficalgdetailedorderRange<1.1.21prestashop
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lineagrafica | lgdetailedorder | * | cpe:2.3:a:lineagrafica:lgdetailedorder:*:*:*:*:*:prestashop:*:* |
Related
cvelist
cvelist
CVE-2023-30195
2023-07-06 00:00:00
nvd
nvd
CVE-2023-30195
2023-07-06 20:15:09
prion
prion
Code injection
2023-07-06 20:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
43.5%
Related for CVE-2023-30195