← Back

Stripe Payment Pro

stripe_payment_pro

Vendor: Stripe • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-23315
1Stripe
1Stripe Payment Pro
Nov 21, 2024
Mar 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method `stripejsValidationModuleFrontController::initContent()` has sensitive SQL calls that can be...Show more
The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method `stripejsValidationModuleFrontController::initContent()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.Show less