CVE-2021-43789

Published: 2021-12-07T17:15Z

Last Modified: 2024-11-21T06:29Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

PrestaShop is an Open Source e-commerce web application. Versions of PrestaShop prior to 1.7.8.2 are vulnerable to blind SQL injection using search filters with `orderBy` and `sortOrder` parameters. The problem is fixed in version 1.7.8.2. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt