Description
In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters are affected by an Insecure Direct Object Reference vulnerability due to a guessable value sent to the web application during checkout. An attacker could leak personal customer information. This is PrestaShop bug #14444.
Remediation
References
Related Vulnerabilities
Spring Cloud Gateway Improper Certificate Validation Vulnerability (CVE-2022-22946)
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)
WordPress Plugin Vmax Project Manager Arbitrary File Upload (1.1)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5739)
Joomla Improper Input Validation Vulnerability (CVE-2013-3242)