CVE-2024-34991
June 24, 2024, 10:15 p.m.
Tags
Product(s) Impacted
PrestaShop module Axepta
- before 1.3.4
Description
In the module "Axepta" (axepta) before 1.3.4 from Quadra Informatique for PrestaShop, a guest can download partial credit card information (expiry date) / postal address / email / etc. without restriction due to a lack of permissions control.
Weaknesses
Date
Published: June 24, 2024, 10:15 p.m.
Last Modified: June 24, 2024, 10:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://security.friendsofpresta.org/
cve@mitre.org