Input Validation Flaw in PrestaShop Affects Data Security
CVE-2026-14846
4.5MEDIUM
What is CVE-2026-14846?
In PrestaShop version 8.2.1, an improper input validation vulnerability exists due to inadequate sanitization of the 'Alias' parameter within the 'Update your address' function. This flaw can lead to the execution of malicious code when using the 'Get my data in CSV' tool, potentially exposing sensitive personal data of users. Attackers could exploit this weakness to gain unauthorized access to personal information, thereby compromising user privacy and data integrity.
Affected Version(s)
The firmware 8.2.1
