CVE-2024-26129 Information

Description

PrestaShop is an open-source e-commerce platform. Starting in version 8.1.0 and prior to version 8.1.4 PrestaShop is vulnerable to path disclosure in a JavaScript variable. A patch is available in version 8.1.4.

Reference

https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3366-9287-7qpr https://github.com/PrestaShop/PrestaShop/commit/444bd0dea581659918fe2067541b9863cf099dd5 https://owasp.org/www-community/attacks/Full_Path_Disclosure