[prestashop/prestashop] Duplicate Advisory GHSA-hrgx-p36p-89q4

Duplicate Advisory

This advisory is a duplicate of GHSA-hrgx-p36p-89q4. This link is maintained to preserve external references.

Original Description

PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection, as exploited in the wild in July 2022.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-36408
• https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/
• https://github.com/advisories/GHSA-qv6h-pcf2-2w3g