2 matches found
CVE-2024-25841
CVE-2024-25841 affects PrestaShop via the So Flexibilite module from Common-Services. The vulnerability allows a guest (authenticated customer) to perform a Cross Site Scripting (XSS) injection in versions earlier than 4.1.26. Root cause details are not provided beyond the XSS in this module. The...
CVE-2024-25844
Summary of CVE-2024-25844 (PrestaShop So Flexibilite module): The vulnerability affects PrestaShop’s Common-Services “So Flexibilite” module prior to version 4.1.26, where an attacker can remotely escalate privileges and access sensitive information via a debug file. Impact is described as high f...