Skip to content

Blind SQL injection in PrestaShop productcomments module

Low severity GitHub Reviewed Published Dec 3, 2020 in PrestaShop/productcomments • Updated Feb 1, 2023

Package

composer prestashop/productcomments (Composer)

Affected versions

>= 4.0.0, < 4.2.1

Patched versions

4.2.1
Published by the National Vulnerability Database Dec 3, 2020
Reviewed Jan 20, 2021
Published to the GitHub Advisory Database Jan 20, 2021
Last updated Feb 1, 2023

Severity

Low

EPSS score

13.509%
(96th percentile)

Weaknesses

CVE ID

CVE-2020-26248

GHSA ID

GHSA-5v44-7647-xfw9

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.