CVE-2024-34991

June 24, 2024, 10:15 p.m.

Product(s) Impacted

PrestaShop module Axepta

  • before 1.3.4

Description

In the module "Axepta" (axepta) before 1.3.4 from Quadra Informatique for PrestaShop, a guest can download partial credit card information (expiry date) / postal address / email / etc. without restriction due to a lack of permissions control.

Weaknesses

Date

Published: June 24, 2024, 10:15 p.m.

Last Modified: June 24, 2024, 10:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References