Security advisory > CVE-2023-28843
Which versions are affected by this vulnerability?
If you are on PrestaShop 1.7 or 8+, the vulnerability is not present. Module PayPal Official 3.12.0 to 3.16.3 are impacted.
The version that fixes the vulnerability is 3.16.4. Version 3.17.0 is also fixed.
How to verify if my module is vulnerable ?
Reminder: PrestaShop 1.7 or 8+, the vulnerability is not present.
We have developed a module that detects if the vulnerability is present and can patch the file.
- Download the file paypalcvefixer.zip attached of this article.
- Install the module in your back office by downloading the ZIP file obtained in the previous step.
- Once installed, click on "Configure".
- An orange message will appear to indicate that patching is required, or a green message will appear if all are OK.
- Don't forget to remove this "fixer" module after
We would like to say thank you.