CVE-2023-27033 Information

Description

Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to contain a code injection vulnerability via the component CdesignerSaverotateModuleFrontController::initContent().

Reference

https://addons.prestashop.com/fr/declinaisons-personnalisation/22677-personnalisation-de-produit-product-customize.html https://friends-of-presta.github.io/security-advisories/modules/2023/04/06/cdesigner-CWE434.html