CVE-2022-44727 Information

Nov 11, 2022 cve

Description

The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection via a cookie ( lgcookieslaw or __lglaw ).

Reference

https://www.lineagrafica.es/modp/lgcookieslaw/en/readme_en.pdf https://addons.prestashop.com/en/legal/8734-eu-cookie-law-gdpr-banner-blocker.html https://securityandstuff.com/posts/cve-2022-44727/

Share on: