CVE-2023-27845 Information

Description

SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote attacker to gain privileges via the KerawenHelper::setCartOperationInfo and KerawenHelper::resetCheckoutSessionData components.

Reference

https://kerawen.com/logiciel-de-caisse/ https://security.friendsofpresta.org/modules/2023/07/06/kerawen_ocs.html