{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T11:53:08.899","vulnerabilities":[{"cve":{"id":"CVE-2021-21308","sourceIdentifier":"security-advisories@github.com","published":"2021-02-26T20:15:12.313","lastModified":"2024-11-21T05:47:59.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2"},{"lang":"es","value":"PrestaShop es una solución de comercio electrónico de código abierto totalmente escalable. En PrestaShop versiones anteriores a 1.7.2, el sistema de cierre de sesión suave no está completo y un atacante puede realizar peticiones externas y ejecutar comandos del cliente. El problema es corregido en versión 1.7.7.2"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:*","versionStartExcluding":"1.5.0.0","versionEndExcluding":"1.7.7.2","matchCriteriaId":"EC809966-E71A-48D8-AE01-571CC59B9254"}]}]}],"references":[{"url":"https://github.com/PrestaShop/PrestaShop/commit/2f673bd93e313f08c35e74decc105f40dc0b7dee","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.7.2","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-557h-hf3c-whcg","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/PrestaShop/PrestaShop/commit/2f673bd93e313f08c35e74decc105f40dc0b7dee","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.7.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-557h-hf3c-whcg","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}