Security advisory > CVE-2023-28843
Which versions are affected by this vulnerability?
If you are on PrestaShop 1.7 or 8+, the vulnerability is not present. Module PayPal Official 3.12.0 to 3.16.3 are impacted.
The version that fixes the vulnerability is 3.16.4. Version 3.17.0 is also fixed.
How to verify if my module is vulnerable ?
Reminder: PrestaShop 1.7 or 8+, the vulnerability is not present.
We have developed a module that detects if the vulnerability is present and can patch the file.
- Download the file paypalcvefixer.zip attached of this article.
- Install the module in your back office by downloading the ZIP file obtained in the previous step.
- Once installed, click on "Configure".
- An orange message will appear to indicate that patching is required, or a green message will appear if all are OK.
- Don't forget to remove this "fixer" module after
We would like to say thank you.
Related Articles
Release notes - Version > 2.0.0
October 10th 2024 - Module version 2.0.2 Bug fix (zendesk app) September 24th 2024 - Module version 2.0.1 Bug fix (multishop) September 16th 2024 - Module version 2.0.0 PrestaShop multistore Support Zendesk multibrand support Shipping tracking code ...
SSL and configuration issues
In this guide, we have added this article, since we have several clients with the problem of compatibility with the SSL certificate when installing their PayPal module in their environment. First of all, the customer must make sure to comply with all ...
Comparison of Paypal Official and PS Checkout modules
With 61% of European customers having used it in the last 6 months and offered by 70% of businesses, PayPal has established itself as one of the most renowned brands in the world. For an even smoother payment experience, PrestaShop Checkout has ...
User documentation for the Braintree PrestaShop module
User documentation for the Braintree PrestaShop module
Documentation Delivengo 2.0.0 version - English
Documentation 2.0.0 version - English