CVE-2022-21686
Published
CVSS v3
9
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds.
PrestaShop is the universal open-source software platform to build your e-commerce solution.
GitHub