PrestaShop Security Update Advisory
Overview
We have released an update to address a vulnerability in PrestaShop. Users of affected versions are advised to update to the latest version.
Affected Products
PrestaShop versions: 8.1.0 (inclusive) to 8.1.6 (exclusive)
Resolved Vulnerabilities
XSS vulnerability in PrestaShop when the customer thread feature flag is enabled (CVE-2024-34716)
Vulnerability Patches
Patches for the vulnerability have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest patched version.
PrestaShop version 8.1.6
Referenced Sites
[1] CVE-2024-34716 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-34716
[2] XSS via customer contact form in FO, through file upload
https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-45vm-3j38-7p78