Jump to content
Geo Burlibasa

Problema de securitate - furtul datelor

Recommended Posts

In Prestashop 1.7.6.4 s-a rezolvat o problema de securitate majora, care este descrisa de comunitatea Prestashop prin "Possible information steal". Mai concret, formularele de "Identitate" si "Adresa" permit clientilor sa preia si sa modifice informatiile personale ale oricarui client.

Versiunile afectate: 1.7.0.0 -> 1.7.6.3

Problema se rezolva prin update la 1.7.6.4 sau prin aplicarea manuala a patch-ului de aici:
https://github.com/PrestaShop/PrestaShop/commit/a4a609b5064661f0b47ab5bc538e1a9cd3dd1069

Pentru cei care doresc rezolvarea problemei dar nu vor sa-si prinda urechile in cod, o sa prioritizez in zilele urmatoare toate mentenantele legate de problema asta, din moment ce are implicatii asupra GDPR.

Sursa: https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-mhfc-6rhg-fxp3

Share this post


Link to post
Share on other sites

Hai sa nu ne panicam!

Da, exista - a existat - o vulnerabilitate dar nu e chiar asa de grava precum ai prezentat-o.

La fel ca si la coronavirus... :))

Share this post


Link to post
Share on other sites

Pe GitHub e prezentata ca o problema de securitate critica, cine sunt eu sa-i contrazic?
image.thumb.png.60be951cdee5792bcd1702468ce70923.png
 

  • Haha 1

Share this post


Link to post
Share on other sites

A venit informare si de la Prestashop, exista si documentare la vulnerabilitate.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More