CVE-2023-43979 | ETS Soft ybc_blog Module up to 4.3.x on PrestaShop getPosts sql injection (EUVD-2023-48338)
A vulnerability classified as critical was found in ETS Soft ybc_blog Module up to 4.3.x on PrestaShop. This affects the function Ybc_blogBlogModuleFrontController::getPosts. Executing a manipulation can lead to sql injection.
The identification of this vulnerability is CVE-2023-43979. The attack needs to be done within the local network. There is no exploit available.
Upgrading the affected component is advised.