SQL Injection Vulnerability in Shoppingfeed for PrestaShop

SQL Injection Vulnerability in Shoppingfeed for PrestaShop

CVE-2023-28839 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Shoppingfeed PrestaShop is an add-on to the PrestaShop ecommerce platform to synchronize data. The module Shoppingfeed for PrestaShop is vulnerable to SQL injection between version 1.4.0 and 1.8.2 due to a lack of input sanitization. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this issue.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.