CVE-2020-15080

In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in version 1.7.6.6 A possible workaround is to make sure `composer.json` and `docker-compose.yml` are not accessible on your server.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:*

Information

Published : 2020-07-02 10:15

Updated : 2021-11-18 10:05


NVD link : CVE-2020-15080

Mitre link : CVE-2020-15080


JSON object : View

CWE
CWE-862

Missing Authorization

Advertisement

dedicated server usa

Products Affected

prestashop

  • prestashop