A security flaw has been detected in Prestashop that potentially allows malicious people to compromise the integrity of the ecommerce. The Prestashop versions affected are:
Prestashop 1.7.5.0 -> 1.7.8.1
To solve and correct the problem it is necessary to update Prestashop to version 1.7.8.2 or to intervene in a targeted way by applying dedicated patches. Below is the link for more information:
### Impact Blind SQLi using Search filters with `orderBy` and `sortOrder` parameters ### Patches The problem is fixed in 1.7.8.2 ### References [SQL Injection (CWE-89) ](https://cwe.mitr...
github.com