CVE-2022-31101

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-31101
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-31101.json
Aliases
Published
2022-06-27T23:15:08Z
Modified
2023-11-29T09:41:19.574875Z
Details

prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.

References

Affected packages

Git / github.com/PrestaShop/blockwishlist

Affected ranges

Type
GIT
Repo
https://github.com/PrestaShop/blockwishlist
Events
Introduced
0The exact introduced commit is unknown
Fixed
b3ec4b85af5fd73f74d55390b226d221298ca084
Type
GIT
Repo
https://github.com/prestashop/blockwishlist
Events
Introduced
0The exact introduced commit is unknown
Fixed
a11c76e8cbf50622096c4411a3dc93ecba78cd03

Affected versions

v2.*

v2.0.0
v2.0.1
v2.1.0