CVE-2023-24763

HIGH

Xen Forum < 2.13.0 - Authenticated SQL Injection

Title source: llm
STIX 2.1

Description

In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0.

Scores

CVSS v3 8.8
EPSS 0.0088
EPSS Percentile 54.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
prestashop/xen_forum < 2.13.0
Published Mar 06, 2023
Tracked Since Feb 18, 2026