VYPR
Unrated severityNVD Advisory· Published Jul 2, 2020· Updated Aug 4, 2024

Reflected XSS when uploading an image in the Product page in PrestaShop

CVE-2020-15083

Description

In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a target sends a corrupted file, it leads to a reflected XSS. The problem is fixed in 1.7.6.6

Affected products

2
  • Prestashop/Prestashopllm-fuzzy2 versions
    >=1.7.0.0, <1.7.6.6+ 1 more
    • (no CPE)range: >=1.7.0.0, <1.7.6.6
    • (no CPE)range: >= 1.7.0.0, < 1.7.6.6

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.