CVE-2023-43664
CVE-2023-43664 affects PrestaShop: in the Back Office, an employee can list all modules due to missing access rights check in ajaxProcessGetPossibleHookingListForModule. The root cause is improper authorization in that function. The issue is mitigated in commit 15bd281c and is included in PrestaS...