CVE-2023-46348 | SunnyToo sturls up to 1.1.12 on PrestaShop getInstanceId sql injection

CVE-2023-46348 | SunnyToo sturls up to 1.1.12 on PrestaShop getInstanceId sql injection

A vulnerability classified as critical has been found in SunnyToo sturls up to 1.1.12 on PrestaShop. This affects the function StUrls::hookActionDispatcher/StUrls::getInstanceId. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2023-46348. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.