Vulnerability in N/a

CVE-2023-27639

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter file_name in the tshirtecommerce/ajax.php?type=svg endpoint, to allow a remo…

EPSS: 0.857 (99.4th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References