CNNVD-202509-1074 Information
CNNVD ID
CNNVD-202509-1074
Related CVE
- CNNVD Published: 2025-09-08
Description (Chinese)
PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。 PrestaShop 8.2.1之前版本存在安全漏洞,该漏洞源于重置密码功能可能导致敏感信息泄露。
Description (English)
PrestaShop is an open-source e-commerce solution for PrestaShop in the United States. The programme provides multiple payment modes, SMS alerts and commodity photo scaling. PrestaShop 8.2.1 has a security loophole, which stems from the possibility that re-enacting the password function may lead to the disclosure of sensitive information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
PrestaShop
Published
2025-09-08
Last Modified
2026-02-24
References
https://github.com/PrestaShop/PrestaShop/releases/tag/8.2.1 https://maxime-morel.github.io/advisories/2025/CVE-2025-51586.md https://prestashop.com/ https://access.redhat.com/security/cve/cve-2025-51586
Patch
https://github.com/PrestaShop/PrestaShop/releases
Share on: