Vulnerability Details CVE-2023-31671
PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.8%
CVSS Severity
CVSS v3 Score 9.8
References
- https://friends-of-presta.github.io/security-advisories/modules/2023/06/13/postfinance.html
- https://shop.webbax.ch/modules-de-paiement/123-module-postfinance.html
- https://friends-of-presta.github.io/security-advisories/modules/2023/06/13/postfinance.html
- https://shop.webbax.ch/modules-de-paiement/123-module-postfinance.html
Products affected by CVE-2023-31671
-
cpe:2.3:a:webbax:postfinance:-
-
cpe:2.3:a:webbax:postfinance:17.1.13