← back
CVE-2023-6921

SQL Injection in PrestaShop Google Integrator

CVSS 9.8 CRITICALEPSS 0.7%CWE-89
Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data extraction and modification. This attack is possible via command insertion in one of the cookies.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
PrestaShow · PrestaShop Google Integrator

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert.pl/en/posts/2024/01/CVE-2023-6921/https://cert.pl/posts/2024/01/CVE-2023-6921/https://prestashow.pl/pl/moduly-prestashop/28-prestashop-google-integrator-ga4-gtm-ads-remarketing.html