CVE-2023-47110

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 9, 2023

Updated: Nov 15, 2023

CWE ID 284

Summary

CVE-2023-47110 is a vulnerability affecting the blockreassurance module in certain Magento stores. This module displays an information block to reassure customers about the trustworthiness of the store. The issue lies in an AJAX function within the module that allows unauthorized modification of configuration table values, potentially leading to security concerns. A patch for this vulnerability has been released in version 5.1.4.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

PrestaShop

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tNY6KJ
https://www.cve.org/CVERecord?id=CVE-2023-47110
https://nvd.nist.gov/vuln/detail/CVE-2023-47110

Back to Vulnerability Database

CVE-2023-47110

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations