Update Feed

PrestaShop 1.7.8.9

27 April 2023

PrestaShop version 1.7.8.9 is now available (security release).

Upgrading to PrestaShop 1.7.8.9

PrestaShop 1.7.8.9 can be updated to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply PrestaShop updates as new versions are released, or use Installatron's Clone feature to duplicate an existing PrestaShop install to test the 1.7.8.9 upgrade prior to moving it live with Installatron's Sync funtionality. Get started managing PrestaShop with Installatron

What's New in PrestaShop 1.7.8.9

Back Office - Improvements

#32140: Fix CVE 2023-25170 on 1.7.8.x (by @mflasquin)
#32105: Release/manual verifications 1789 (by @mflasquin)

Back Office - Bug fixes

#GHSA-8r4m-5p6p-52rp Fix arbitrary file ready through sql manager (found by truff@projet7.org / Sébastien Cantos)

Core - Improvements

#GHSA-fh7r-996q-gvcp: Possible XSS injection through Validate::isCleanHTML method (by @ matthieu-rolland)
#GHSA-p379-cxqh-q822 Fix executeS method making sure it does selection only (found by truff@projet7.org / Sébastien Cantos)

Tests - Improvements

#32144: Nightly : Migrate from nightly.prestashop.com to nightly.prestashop-project.org (by @Progi1984)