CVE-2023-3031 Information

Description

Improper Limitation of a Pathname leads to a Path Traversal vulnerability in the module King-Avis for Prestashop allowing a user knowing the download token to read arbitrary local files.This issue affects King-Avis: before 17.3.15.

Reference

https://borelenzo.github.io/stuff/2023/06/01/cve-2023-3031.html