V1.7 MODULE TO FIX VULNERABILITY GHSA-6xxj-gcjq-wgf4 (AFFECTED PS 1.7.5.0 -> 1.7.8.1)

stronzodicane

Active member
Elite
XNullUser
Joined
Dec 13, 2021
Messages
37
Reaction score
197
Points
33
NullCash
1,030
A security flaw has been detected in Prestashop that potentially allows malicious people to compromise the integrity of the ecommerce. The Prestashop versions affected are:
Prestashop 1.7.5.0 -> 1.7.8.1

To solve and correct the problem it is necessary to update Prestashop to version 1.7.8.2 or to intervene in a targeted way by applying dedicated patches. Below is the link for more information:
 

Attachments

  • fixcve202143789.zip
    38.1 KB · Views: 21

d-shilko

Well-known member
☆☆ Special ☆☆
☆ Pro ☆
Joined
Jun 10, 2021
Messages
2,542
Reaction score
1,536
Points
113
NullCash
4,201
A security flaw has been detected in Prestashop that potentially allows malicious people to compromise the integrity of the ecommerce. The Prestashop versions affected are:
Prestashop 1.7.5.0 -> 1.7.8.1

To solve and correct the problem it is necessary to update Prestashop to version 1.7.8.2 or to intervene in a targeted way by applying dedicated patches. Below is the link for more information:
Hello I need tip. Are where you download this patch? Provide please link of page. Thanks in advance.
 

Cierrex

Member
XNullUser
Joined
Dec 12, 2020
Messages
577
Reaction score
1
Points
18
NullCash
1
thanks
 

d-shilko

Well-known member
☆☆ Special ☆☆
☆ Pro ☆
Joined
Jun 10, 2021
Messages
2,542
Reaction score
1,536
Points
113
NullCash
4,201
u can open the php files and verify genuine code. I realized this patch ...
Bro I understand code. I have to interesting where you got this patch - I need source for future!
Thank you in advance.
 

hegBIT

Well-known member
Master
Diamond
Elite
XNullUser
Joined
Mar 30, 2021
Messages
925
Reaction score
809
Points
93
NullCash
42

BabyBoss

Member
XNullUser
Joined
Sep 18, 2021
Messages
54
Reaction score
105
Points
18
NullCash
744
u can open the php files and verify genuine code. I realized this patch ...

I'm not sure to understand what you did : you compile the pull request detail on github for this security fix (GHSA-6xxj-gcjq-wgf4) into a module and you release it here for earning Nullcash ?

Bro I understand code. I have to interesting where you got this patch - I need source for future!
Thank you in advance.
You have to go on github every time to find the fix. Here is the detail for this specific fix : https://github.com/PrestaShop/PrestaShop/commit/6482b9ddc9dcebf7588dbfd616d2d635218408d6
 

d-shilko

Well-known member
☆☆ Special ☆☆
☆ Pro ☆
Joined
Jun 10, 2021
Messages
2,542
Reaction score
1,536
Points
113
NullCash
4,201

BabyBoss

Member
XNullUser
Joined
Sep 18, 2021
Messages
54
Reaction score
105
Points
18
NullCash
744
I'm pretty sure there is no patch at all..
Stronzodicane made this patch by himself (I'll not spend nullcash to see what it contains) I guess it's the 2 or 3 modified php files you need to replace in the dedicated directories.
 
Top