Filtered by vendor Prestashop Subscriptions
Filtered by product The Firmware Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-14846 1 Prestashop 1 The Firmware 2026-07-13 N/A
In version 8.2.1 of PrestaShop, there is a vulnerability relating to the incorrect sanitisation of elements, caused by inadequate validation of the ‘Alias’ parameter in the ‘Update your address’ function. This flaw allows an attacker to inject malicious expressions that are executed when the information is exported using the ‘Get my data in CSV’ tool. Successful exploitation of this vulnerability could facilitate unauthorised access to the victim’s personal data.