{"id":1327,"date":"2023-05-08T09:03:07","date_gmt":"2023-05-08T09:03:07","guid":{"rendered":"https:\/\/www.bhoost.com\/es\/?p=1327"},"modified":"2023-07-31T13:35:04","modified_gmt":"2023-07-31T13:35:04","slug":"multiples-vulnerabilidades-en-prestashop-abril-2023","status":"publish","type":"post","link":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/","title":{"rendered":"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023"},"content":{"rendered":"\n

Se han detectado tres vulnerabilidades en Prestashop que son muy importantes: dos de tipo inyecci\u00f3n SQL, una de gravedad cr\u00edtica y otra alta, y otra vulnerabilidad de inyecci\u00f3n XSS de gravedad alta, que podr\u00edan permitir a cualquier usuario con permisos de administrador escribir, actualizar o eliminar bases de datos SQL independientemente de sus permisos.<\/p>\n\n\n\n

Puedes ver el comunicado aqu\u00ed.<\/p>\n\n\n\n

Detalle:<\/p>\n\n\n\n

La vulnerabilidad de gravedad cr\u00edtica es de filtrado SQL y podr\u00eda permitir a un usuario escribir, actualizar y eliminar en la base de datos, incluso sin tener permisos espec\u00edficos de administrador.<\/p>\n\n\n\n

Respecto a las vulnerabilidades de gravedad alta, una afecta a la lectura de archivos arbitrarios, lo cual hace posible que un usuario con acceso al administrador SQL pueda leer arbitrariamente cualquier archivo en el sistema operativo con una funci\u00f3n SELECT. Mientras que la otra vulnerabilidad de gravedad alta, consiste en una posible inyecci\u00f3n de XSS, que podr\u00eda facilitar el secuestro de elementos HTML sin necesidad de interacci\u00f3n por parte del usuario.<\/p>\n\n\n\n

Soluci\u00f3n:<\/p>\n\n\n\n

Prestashop ha publicado un parche y recomienda actualizar a las versiones de 8.0.4 y 1.7.8.9.<\/p>\n\n\n\n

https:\/\/build.prestashop-project.org\/news\/2023\/prestashop-8-0-4-maintenance-release\/
<\/a>https:\/\/build.prestashop-project.org\/news\/2023\/prestashop-1-7-8-9-maintenance-release\/<\/a><\/p>\n\n\n\n

La \u00fanica forma actual para aplicar el parche es actualizar la versi\u00f3n de Prestashop a las indicadas.<\/p>\n\n\n\n

Si ten\u00e9is un Prestashop 1.7.X deb\u00e9is actualizar a 1.7.8.9<\/p>\n\n\n\n

Si ten\u00e9is un Prestashop 8.X deb\u00e9is actualizar a 8.0.4<\/p>\n","protected":false},"excerpt":{"rendered":"

Se han detectado tres vulnerabilidades en Prestashop que son muy importantes: dos de tipo inyecci\u00f3n SQL, una de gravedad cr\u00edtica […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[22],"class_list":["post-1327","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-prestashop"],"acf":[],"yoast_head":"\nM\u00faltiples vulnerabilidades en PrestaShop Abril 2023 - BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023 - BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado\" \/>\n<meta property=\"og:description\" content=\"Se han detectado tres vulnerabilidades en Prestashop que son muy importantes: dos de tipo inyecci\u00f3n SQL, una de gravedad cr\u00edtica […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/\" \/>\n<meta property=\"og:site_name\" content=\"BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-08T09:03:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-31T13:35:04+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minuto\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/#\\\/schema\\\/person\\\/8b3f2008c39ed0798bd79da571f15d18\"},\"headline\":\"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023\",\"datePublished\":\"2023-05-08T09:03:07+00:00\",\"dateModified\":\"2023-07-31T13:35:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/\"},\"wordCount\":251,\"commentCount\":0,\"keywords\":[\"prestashop\"],\"articleSection\":[\"Uncategorized\"],\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/\",\"url\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/\",\"name\":\"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023 - BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/#website\"},\"datePublished\":\"2023-05-08T09:03:07+00:00\",\"dateModified\":\"2023-07-31T13:35:04+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/#\\\/schema\\\/person\\\/8b3f2008c39ed0798bd79da571f15d18\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/multiples-vulnerabilidades-en-prestashop-abril-2023\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/#website\",\"url\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/\",\"name\":\"BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/#\\\/schema\\\/person\\\/8b3f2008c39ed0798bd79da571f15d18\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba2d1dbd29575291b54a65b52c6a0f9064c2723f3c8612b0ecf18408b468c2ad?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba2d1dbd29575291b54a65b52c6a0f9064c2723f3c8612b0ecf18408b468c2ad?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ba2d1dbd29575291b54a65b52c6a0f9064c2723f3c8612b0ecf18408b468c2ad?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/www.bhoost.com\"],\"url\":\"https:\\\/\\\/www.bhoost.com\\\/es\\\/author\\\/andreasacca_vd0s1ik8\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023 - BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/","og_locale":"es_ES","og_type":"article","og_title":"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023 - BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado","og_description":"Se han detectado tres vulnerabilidades en Prestashop que son muy importantes: dos de tipo inyecci\u00f3n SQL, una de gravedad cr\u00edtica […]","og_url":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/","og_site_name":"BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado","article_published_time":"2023-05-08T09:03:07+00:00","article_modified_time":"2023-07-31T13:35:04+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"admin","Tiempo de lectura":"1 minuto"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/#article","isPartOf":{"@id":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/"},"author":{"name":"admin","@id":"https:\/\/www.bhoost.com\/es\/#\/schema\/person\/8b3f2008c39ed0798bd79da571f15d18"},"headline":"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023","datePublished":"2023-05-08T09:03:07+00:00","dateModified":"2023-07-31T13:35:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/"},"wordCount":251,"commentCount":0,"keywords":["prestashop"],"articleSection":["Uncategorized"],"inLanguage":"es","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/","url":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/","name":"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023 - BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado","isPartOf":{"@id":"https:\/\/www.bhoost.com\/es\/#website"},"datePublished":"2023-05-08T09:03:07+00:00","dateModified":"2023-07-31T13:35:04+00:00","author":{"@id":"https:\/\/www.bhoost.com\/es\/#\/schema\/person\/8b3f2008c39ed0798bd79da571f15d18"},"breadcrumb":{"@id":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.bhoost.com\/es\/multiples-vulnerabilidades-en-prestashop-abril-2023\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.bhoost.com\/es\/"},{"@type":"ListItem","position":2,"name":"M\u00faltiples vulnerabilidades en PrestaShop Abril 2023"}]},{"@type":"WebSite","@id":"https:\/\/www.bhoost.com\/es\/#website","url":"https:\/\/www.bhoost.com\/es\/","name":"BHOOST Hosting E-Commerce R\u00e1pido, Seguro y Optimizado","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.bhoost.com\/es\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Person","@id":"https:\/\/www.bhoost.com\/es\/#\/schema\/person\/8b3f2008c39ed0798bd79da571f15d18","name":"admin","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/ba2d1dbd29575291b54a65b52c6a0f9064c2723f3c8612b0ecf18408b468c2ad?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ba2d1dbd29575291b54a65b52c6a0f9064c2723f3c8612b0ecf18408b468c2ad?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ba2d1dbd29575291b54a65b52c6a0f9064c2723f3c8612b0ecf18408b468c2ad?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/www.bhoost.com"],"url":"https:\/\/www.bhoost.com\/es\/author\/andreasacca_vd0s1ik8\/"}]}},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/posts\/1327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/comments?post=1327"}],"version-history":[{"count":1,"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/posts\/1327\/revisions"}],"predecessor-version":[{"id":1328,"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/posts\/1327\/revisions\/1328"}],"wp:attachment":[{"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/media?parent=1327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/categories?post=1327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bhoost.com\/es\/wp-json\/wp\/v2\/tags?post=1327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}