CVE-2020-15102 – Improper access control on dashboard form in PrestaShop

https://notcve.org/view.php?id=CVE-2020-15102

In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration. The problem is fixed in 2.1.0. En PrestaShop Dashboard Productions versiones anteriores a 2.1.0, se presenta una autorización inapropiada que permite a un atacante cambiar la configuración. El problema es corregido en la versión 2.1.0 • https://github.com/PrestaShop/dashproducts/commit/f0799c13628a9b9ca6ca75c085b083d924a8ea7e https://github.com/PrestaShop/dashproducts/security/advisories/GHSA-6292-4qpg-hvfg • CWE-284: Improper Access Control CWE-862: Missing Authorization •