CVE-2024-26469 | Tunis Product Designer Module prior 1.178.36 on PrestaShop postProcess url server-side request forgery

Posted by Angelo Barbosa | Mar 3, 2024 | CVE

A vulnerability has been found in Tunis Product Designer Module on PrestaShop and classified as critical. Affected by this vulnerability is the function postProcess. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is known as CVE-2024-26469. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-26469 | Tunis Product Designer Module prior 1.178.36 on PrestaShop postProcess url server-side request forgery

Related Posts

CVE-2024-25864 | Friendica 2023.12 fpostit.php server-side request forgery (Issue 13877)

CVE-2024-50853 | Tenda G3 15.11.0.20 formSetDebugCfg command injection

CVE-2023-49468 | strukturag Libde265 1.0.14 Global Buffer slice.cc read_coding_unit buffer overflow (Issue 432)

CVE-2024-39652 | WPWeb Elite WooCommerce PDF Vouchers Plugin up to 4.9.4 on WordPress cross site scripting