CVE-2023-26859 Information

Description

SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component.

Reference

https://security.friendsofpresta.org/modules/2023/07/25/sendinblue.html https://addons.prestashop.com/en/newsletter-sms/8300-sendinblue-all-in-one-marketing-tool.html